Netscaler_application_delivery_controller - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Netscaler_application_delivery_controller
(Citrix)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	14

Date	Id	Summary	Products	Score	Patch	Annotated
2023-07-19	CVE-2023-3466	Reflected Cross-Site Scripting (XSS)	Netscaler_application_delivery_controller, Netscaler_gateway	6.1
2023-07-19	CVE-2023-3467	Privilege Escalation to root administrator (nsroot)	Netscaler_application_delivery_controller, Netscaler_gateway	8.0
2023-10-27	CVE-2023-4967	Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA Virtual Server	Netscaler_application_delivery_controller, Netscaler_gateway	7.5
2018-03-01	CVE-2018-5314	Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition 9.3.0 allows remote attackers to execute a system command or read arbitrary files via an SSH login prompt.	Netscaler_application_delivery_controller, Netscaler_gateway, Netscaler_sd\-Wan	7.5
2017-08-02	CVE-2015-3642	The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with firmware 9.x before 9.3 Build 68.5, 10.0 through Build 78.6, 10.1 before Build 130.13, 10.1.e before Build 130.1302.e, 10.5 before Build 55.8, and 10.5.e before Build 55.8007.e makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).	Netscaler_application_delivery_controller, Netscaler_gateway	5.9
2014-07-16	CVE-2014-4347	Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain sensitive information via vectors related to a cookie.	Netscaler_access_gateway, Netscaler_access_gateway_firmware, Netscaler_application_delivery_controller, Netscaler_application_delivery_controller_firmware	N/A
2014-07-16	CVE-2014-4346	Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	Netscaler_access_gateway, Netscaler_access_gateway_firmware, Netscaler_application_delivery_controller, Netscaler_application_delivery_controller_firmware	N/A
2014-05-01	CVE-2014-2882	Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation.	Netscaler_access_gateway, Netscaler_access_gateway_firmware, Netscaler_application_delivery_controller, Netscaler_application_delivery_controller_firmware	N/A
2014-05-01	CVE-2014-2881	Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors.	Netscaler_access_gateway, Netscaler_access_gateway_firmware, Netscaler_application_delivery_controller, Netscaler_application_delivery_controller_firmware	N/A
2013-10-04	CVE-2013-6011	Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service (nsconfigd crash and appliance reboot) via a crafted request.	Netscaler_application_delivery_controller, Netscaler_application_delivery_controller_firmware	N/A