CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2022-27516 – User login brute force protection functionality bypass
https://notcve.org/view.php?id=CVE-2022-27516
08 Nov 2022 — User login brute force protection functionality bypass Omisión de la funcionalidad de protección de fuerza bruta de inicio de sesión de usuario • https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516 • CWE-307: Improper Restriction of Excessive Authentication Attempts CWE-693: Protection Mechanism Failure •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2022-27510 – Unauthorized access to Gateway user capabilities
https://notcve.org/view.php?id=CVE-2022-27510
08 Nov 2022 — Unauthorized access to Gateway user capabilities Acceso no autorizado a las capacidades del usuario de Gateway • https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516 • CWE-287: Improper Authentication CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2022-27513 – Remote desktop takeover via phishing
https://notcve.org/view.php?id=CVE-2022-27513
08 Nov 2022 — Remote desktop takeover via phishing Adquisición de escritorio remoto mediante phishing • https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.4EPSS: 0%CPEs: 10EXPL: 0CVE-2022-27509 – Unauthenticated redirection to a malicious website
https://notcve.org/view.php?id=CVE-2022-27509
28 Jul 2022 — Unauthenticated redirection to a malicious website Un redireccionamiento no autenticado a un sitio web malicioso • https://support.citrix.com/article/CTX457836 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 9.8EPSS: 94%CPEs: 13EXPL: 53CVE-2019-19781 – Citrix ADC, Gateway, and SD-WAN WANOP Appliance Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-19781
27 Dec 2019 — An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal. Se descubrió un problema en Citrix Application Delivery Controller (ADC) and Gateway versiones 10.5, 11.1, 12.0, 12.1 y 13.0. Permiten un salto de directorio. Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an unspecified vulnerability that could allow an unauthenticated attacker to perform code execution. • https://packetstorm.news/files/id/181080 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 0CVE-2019-18225
https://notcve.org/view.php?id=CVE-2019-18225
21 Oct 2019 — An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9, 12.0 before build 62.10, 12.1 before build 54.16, and 13.0 before build 41.28. An attacker with management-interface access can bypass authentication to obtain appliance administrative access. These products formerly used the NetScaler brand name. Se detectó un problema en Citrix Application Delivery Controller (ADC) y Gateway versiones anteriores a 10.5 build 70.8, versio... • https://support.citrix.com/article/CTX261055 •