Citrix XenDesktop BrokerAccessPolicyRule Policy Rule Remote Security Bypass

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.

Synopsis :

The remote host may be affected by a remote security bypass

Description :

The remote host is running a version of Citrix XenDesktop that could be
affected by a remote security bypass vulnerability, related to the
'BrokerAccessPolicyRule' policy rule.

Note that this vulnerability only affects installations that have been
upgraded from XenDesktop 5. Also, Nessus has not checked if any
workarounds have been applied.

See also :

Solution :

Upgrade to Citrix XenDesktop 7.1 or see the vendor's advisory for
instructions on how to reset the BrokerAccessPolicyRule settings.

Risk factor :

Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.9
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 70741 ()

Bugtraq ID: 63413

CVE ID: CVE-2013-6077

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial