Vulnerability Description
Citrix XenDesktop Virtual Desktop Agent (VDA) 5.6.x before 5.6.200, when making changes to the server-side policy that control USB redirection, does not propagate changes to the VDA, which allows authenticated users to retain access to the USB device.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Citrix | Xendesktop | 5.6 |
References
- http://osvdb.org/88369
- http://secunia.com/advisories/51524Vendor Advisory
- http://support.citrix.com/article/CTX135813Vendor Advisory
- http://www.securityfocus.com/bid/56908
- http://www.securitytracker.com/id?1027869
- https://exchange.xforce.ibmcloud.com/vulnerabilities/80626
- http://osvdb.org/88369
- http://secunia.com/advisories/51524Vendor Advisory
- http://support.citrix.com/article/CTX135813Vendor Advisory
- http://www.securityfocus.com/bid/56908
- http://www.securitytracker.com/id?1027869
- https://exchange.xforce.ibmcloud.com/vulnerabilities/80626
FAQ
What is CVE-2012-6314?
CVE-2012-6314 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Citrix XenDesktop Virtual Desktop Agent (VDA) 5.6.x before 5.6.200, when making changes to the server-side policy that control USB redirection, does not propagate changes to the VDA, which allows auth...
How severe is CVE-2012-6314?
CVE-2012-6314 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-6314?
Check the references section above for vendor advisories and patch information. Affected products include: Citrix Xendesktop.