Citrix XenDesktop 4.x / 5.x / 7.x Unauthorized Access (CTX139591)

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Synopsis :

The remote host is affected by an unauthorized access vulnerability.

Description :

The remote host is running a version of Citrix XenDesktop that is
affected by an unauthorized access vulnerability. A flaw exists that
could result in a user gaining unauthorized access to another user's

Note that this vulnerability only affects configurations when pooled
random desktop groups are enabled and the 'ShutdownDesktopsAfterUse'
setting is set to the non-default state of disabled.

See also :

Solution :

Apply the appropriate hotfix or set 'ShutdownDesktopsAfterUse' to

Risk factor :

Medium / CVSS Base Score : 4.9
CVSS Temporal Score : 4.3
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 76571 ()

Bugtraq ID: 68530

CVE ID: CVE-2014-4700

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now