Unrated severityNVD Advisory· Published Jul 11, 2014· Updated May 6, 2026

CVE-2014-4700

Description

Citrix XenDesktop 7.x, 5.x, and 4.x, when pooled random desktop groups is enabled and ShutdownDesktopsAfterUse is disabled, allows local guest users to gain access to another user's desktop via unspecified vectors.

Affected products

Citrix Systems/Xendesktop5 versions
cpe:2.3:a:citrix:xendesktop:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:citrix:xendesktop:*:*:*:*:*:*:*:*range: >=5.0,<=5.6
- cpe:2.3:a:citrix:xendesktop:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:citrix:xendesktop:4.0:fp1:*:*:*:*:*:*
- cpe:2.3:a:citrix:xendesktop:4.0:fp2:*:*:*:*:*:*
- cpe:2.3:a:citrix:xendesktop:5.6:fp1:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.citrix.com/article/CTX139591nvdPatchVendor Advisory
secunia.com/advisories/59889nvdThird Party Advisory
www.securityfocus.com/bid/68530nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1030566nvdThird Party AdvisoryVDB Entry
exchange.xforce.ibmcloud.com/vulnerabilities/94460nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000