Description
Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C does not properly restrict access to VNC ports on the management network, which allows remote attackers to have unspecified impact via unknown vectors.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/59467
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/92746
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/53204
Patch, Vendor Advisory x_refsource_confirm
http://support.citrix.com/article/CTX135815
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/83783
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1028473
Scores
EPSS
0.0190
EPSS Percentile
83.5%
Details
CWE
CWE-264
Status
published
Products (5)
citrix/cloudplatform
3.0
citrix/cloudplatform
3.0.3
citrix/cloudplatform
3.0.4
citrix/cloudplatform
3.0.5
citrix/cloudplatform
3.0.6
Published
May 23, 2014
Tracked Since
Feb 18, 2026