CVE-2016-5302 (xenserver)
Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging credentials for an Active Directory account.
Source: CVE-2016-5302 (xenserver)