Citrix XenDesktop 7.x, 5.x, and 4.x, when pooled random desktop groups is enabled and ShutdownDesktopsAfterUse is disabled, allows local guest users to gain access to another users desktop via unspecified vectors.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Xendesktop | Citrix | 5.0 (including) | 5.6 (including) |
| Xendesktop | Citrix | 7.0 (including) | 7.11 (including) |
| Xendesktop | Citrix | 4.0 (including) | 4.0 (including) |
| Xendesktop | Citrix | 4.0-fp1 (including) | 4.0-fp1 (including) |
| Xendesktop | Citrix | 4.0-fp2 (including) | 4.0-fp2 (including) |
| Xendesktop | Citrix | 5.6-fp1 (including) | 5.6-fp1 (including) |