CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2014-3780
https://notcve.org/view.php?id=CVE-2014-3780
Unspecified vulnerability in Citrix VDI-In-A-Box 5.3.x before 5.3.8 and 5.4.x before 5.4.4 allows remote attackers to bypass authentication via unspecified vectors, related to a Java servlet. Vulnerabilidad no especificada en Citrix VDI-In-A-Box 5.3.x anterior a 5.3.8 y 5.4.x anterior a 5.4.4 permite a atacantes remotos evadir autenticación a través de vectores no especificados, relacionado con un servler Java. • http://secunia.com/advisories/58431 http://support.citrix.com/article/CTX140779 http://www.securityfocus.com/bid/67687 http://www.securitytracker.com/id/1030305 • CWE-287: Improper Authentication •
CVSS: 2.1EPSS: 0%CPEs: 9EXPL: 0CVE-2014-2690
https://notcve.org/view.php?id=CVE-2014-2690
Citrix VDI-in-a-Box 5.3.x before 5.3.6 and 5.4.x before 5.4.3 allows local users to obtain administrator credentials by reading the log. Citrix VDI-in-a-Box 5.3.x anterior a 5.3.6 y 5.4.x anterior a 5.4.3 permite a usuarios locales obtener credenciales de administrador mediante la lectura del registro. • http://secunia.com/advisories/57734 http://support.citrix.com/article/CTX140106 http://www.securitytracker.com/id/1030068 • CWE-264: Permissions, Privileges, and Access Controls •