CVE-2013-2601

Citrix XenClient XT < 2.1.3 and 3.x < 3.1.4 - Remote Code Execution via NDVM Network Connection

Title source: llm
STIX 2.1

Description

The NDVM in Citrix XenClient XT before 2.1.3 and 3.x before 3.1.4 allows remote attackers to execute arbitrary commands by using the UIVM to create a network connection.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/96749
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/86967
Vendor Advisory x_refsource_confirm
http://support.citrix.com/article/CTX138633

Scores

EPSS 0.0075
EPSS Percentile 73.4%

Details

Status published
Products (3)
citrix/xenclient_xt 3.0.0
citrix/xenclient_xt 3.1.3
citrix/xenclient_xt < 2.1.2
Published Sep 12, 2013
Tracked Since Feb 18, 2026