A weakness has been identified in Citrix XenApp and XenDesktop. While this issue is not directly exploitable, it could potentially weaken an existing security mitigation, resulting in a loss of defence in depth.
This weakness affects the following Citrix products:
- Citrix XenDesktop up to and including version 7.8
- Citrix XenApp 7.x up to and including version 7.8
All versions of Citrix XenApp 6.x up to and including version 6.5 with HRP 06 installed
This weakness has been assigned the following CVE number:
- CVE-2016-6493: Memory Permission Weakness in Citrix XenApp and XenDesktop