mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-07 21:46:40 +02:00
0xMarcio
970 B
970 B
CVE-2018-18014
Description
** DISPUTED *** Lack of authentication in Citrix Xen Mobile through 10.8 allows low-privileged local users to execute system commands as root by making requests to private services listening on ports 8000, 30000 and 30001. NOTE: the vendor disputes that this is a vulnerability, stating it is "already mitigated by the internal firewall that limits access to configuration services to localhost."