Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C does not properly restrict access to VNC ports on the management network, which allows remote attackers to have unspecified impact via unknown vectors.
https://exchange.xforce.ibmcloud.com/vulnerabilities/83783
http://www.securitytracker.com/id/1028473
http://www.securityfocus.com/bid/59467
http://support.citrix.com/article/CTX135815