Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Netscaler_application_delivery_controller
(Citrix)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 14 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-10-10 | CVE-2023-4966 | Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server. | Netscaler_application_delivery_controller, Netscaler_gateway | 7.5 | ||
| 2023-07-19 | CVE-2023-3519 | Unauthenticated remote code execution | Netscaler_application_delivery_controller, Netscaler_gateway | 9.8 | ||
| 2024-01-17 | CVE-2023-6548 | Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface. | Netscaler_application_delivery_controller, Netscaler_gateway | 8.8 | ||
| 2024-01-17 | CVE-2023-6549 | Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read | Netscaler_application_delivery_controller, Netscaler_gateway | 7.5 | ||
| 2023-07-19 | CVE-2023-3466 | Reflected Cross-Site Scripting (XSS) | Netscaler_application_delivery_controller, Netscaler_gateway | 6.1 | ||
| 2023-07-19 | CVE-2023-3467 | Privilege Escalation to root administrator (nsroot) | Netscaler_application_delivery_controller, Netscaler_gateway | 8.0 | ||
| 2023-10-27 | CVE-2023-4967 | Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA Virtual Server | Netscaler_application_delivery_controller, Netscaler_gateway | 7.5 | ||
| 2018-03-01 | CVE-2018-5314 | Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition 9.3.0 allows remote attackers to execute a system command or read arbitrary files via an SSH login prompt. | Netscaler_application_delivery_controller, Netscaler_gateway, Netscaler_sd\-Wan | 7.5 | ||
| 2017-08-02 | CVE-2015-3642 | The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with firmware 9.x before 9.3 Build 68.5, 10.0 through Build 78.6, 10.1 before Build 130.13, 10.1.e before Build 130.1302.e, 10.5 before Build 55.8, and 10.5.e before Build 55.8007.e makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). | Netscaler_application_delivery_controller, Netscaler_gateway | 5.9 | ||
| 2014-07-16 | CVE-2014-4347 | Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain sensitive information via vectors related to a cookie. | Netscaler_access_gateway, Netscaler_access_gateway_firmware, Netscaler_application_delivery_controller, Netscaler_application_delivery_controller_firmware | N/A |