WID-SEC-W-2024-2209

WID-SEC-W-2024-2209 PUBLISHED CVSS 8.699999809265137 HIGH

Xen ist ein Virtueller-Maschinen-Monitor (VMM), der Hardware (x86, IA-64, PowerPC) für die darauf laufenden Systeme (Domains) paravirtualisiert. Citrix XenServer ist eine Lösung für das Management, die Konfiguration und den Betrieb virtueller Maschinen auf Servern. Citrix Hypervisor ist eine Plattform für Desktop-, Server- und Cloud-Virtualisierungsinfrastrukturen.

Risk Scores

CVSS 4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
	Open Source Xen xsa462.patch
	Open Source Xen <xsa462.patch
	Fedora Linux
	Citrix Systems Hypervisor <=8.2 CU1 LTSR
	Citrix Systems XenServer <=8
	Debian Linux
	SUSE Linux

Exploit Intelligence

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-2209.json (circl)
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2209 (circl)
https://xenbits.xen.org/xsa/advisory-462.html (circl)
https://support.citrix.com/s/article/CTX691646-xenserver-and-citrix-hypervisor-security-update-for-cve202445817?language=en_US (circl)
https://seclists.org/oss-sec/2024/q3/265 (circl)
https://bodhi.fedoraproject.org/updates/FEDORA-2024-020dbf247c (circl)
https://lists.suse.com/pipermail/sle-security-updates/2024-September/019510.html (circl)
https://lists.suse.com/pipermail/sle-security-updates/2024-September/019509.html (circl)
https://lists.suse.com/pipermail/sle-security-updates/2024-September/019508.html (circl)
https://lists.suse.com/pipermail/sle-security-updates/2024-September/019507.html (circl)

…and 8 more exploits

Timeline

Sep 24, 2024 CVE Published
Dec 26, 2024 CVE Updated

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-2209.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2209 advisory
https://xenbits.xen.org/xsa/advisory-462.html url
https://support.citrix.com/s/article/CTX691646-xenserver-and-citrix-hypervisor-security-update-for-cve202445817?language=en_US url
https://seclists.org/oss-sec/2024/q3/265 url
https://bodhi.fedoraproject.org/updates/FEDORA-2024-020dbf247c url
https://lists.suse.com/pipermail/sle-security-updates/2024-September/019510.html url
https://lists.suse.com/pipermail/sle-security-updates/2024-September/019509.html url
https://lists.suse.com/pipermail/sle-security-updates/2024-September/019508.html url
https://lists.suse.com/pipermail/sle-security-updates/2024-September/019507.html url
https://bodhi.fedoraproject.org/updates/FEDORA-2024-60809cb44e url
https://bodhi.fedoraproject.org/updates/FEDORA-2024-051cf1553e url
https://lists.suse.com/pipermail/sle-security-updates/2024-September/019519.html url
https://lists.suse.com/pipermail/sle-security-updates/2024-October/019585.html url
https://lists.suse.com/pipermail/sle-security-updates/2024-November/019811.html url
https://lists.suse.com/pipermail/sle-security-updates/2024-November/019847.html url
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/7DDJIN2NQVRSUGDKCUPSGI662X3KHLZN/ url
https://lists.debian.org/debian-security-announce/2024/msg00252.html url

Open in Interactive Console →