CVE-2014-4700

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://support.citrix.com/article/CTX139591", "name": "http://support.citrix.com/article/CTX139591", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securitytracker.com/id/1030566", "name": "1030566", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/59889", "name": "59889", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.securityfocus.com/bid/68530", "name": "68530", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94460", "name": "citrix-desktop-cve20144700-unauth-access(94460)", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Citrix XenDesktop 7.x, 5.x, and 4.x, when pooled random desktop groups is enabled and ShutdownDesktopsAfterUse is disabled, allows local guest users to gain access to another user's desktop via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-264"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2014-4700", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.9, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "acInsufInfo": false, "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 4.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2014-07-11T14:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:citrix:xendesktop:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.11", "versionStartIncluding": "7.0"}, {"cpe23Uri": "cpe:2.3:a:citrix:xendesktop:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:citrix:xendesktop:4.0:fp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:citrix:xendesktop:4.0:fp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:citrix:xendesktop:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "5.6", "versionStartIncluding": "5.0"}, {"cpe23Uri": "cpe:2.3:a:citrix:xendesktop:5.6:fp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-12-18T14:42Z"}