CVE-2013-4554

Medium CVSS 5.2

Overview

Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2.

CWE: CWE-264 Published: 2013-12-24T19:55:07.177

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.2 (MEDIUM)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags