Citrix XenServer Active Directory Authentication Incorrect Host Management Security Bypass (CTX213549, CTX213769)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a security bypass vulnerability.

Description :

The version of Citrix XenServer running on the remote host is 7.x
prior to 7.0 hotfix XS70E003. It is, therefore, affected by a security
bypass vulnerability due to incorrect handling of Active Directory
(AD) credentials. An unauthenticated, remote attacker on the
management network with AD credentials for an AD account can exploit
this to compromise the XenServer host even if the credentials do not
have authorization.

See also :

https://support.citrix.com/article/CTX213549
https://support.citrix.com/article/CTX213769

Solution :

Apply hotfix XS70E003 as referenced in the vendor advisory.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Misc.

Nessus Plugin ID: 91885 ()

Bugtraq ID:

CVE ID: CVE-2016-5302

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now