CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0CVE-2014-4347 – Citrix Netscaler Disclosure / Cross Site Scripting
https://notcve.org/view.php?id=CVE-2014-4347
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain sensitive information via vectors related to a cookie. Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway (anteriormente Access Gateway Enterprise Edition) anterior a 9.3-62.4 y 10.x anterior a 10.1-126.12 permite a atacantes obtener información sensible a través de vectores relacionados con una cookie. Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway are susceptible to cookie disclosure and reflective cross site scripting vulnerabilities. • http://seclists.org/fulldisclosure/2014/Jul/77 http://secunia.com/advisories/59942 http://support.citrix.com/article/CTX140863 http://www.securityfocus.com/archive/1/532802/100/0/threaded http://www.securityfocus.com/bid/68537 http://www.securitytracker.com/id/1030572 http://www.securitytracker.com/id/1030573 https://exchange.xforce.ibmcloud.com/vulnerabilities/94494 https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10. • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2014-1899
https://notcve.org/view.php?id=CVE-2014-1899
Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x before 9.3.66.5 and 10.x before 10.1.123.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Citrix NetScaler Gateway (anteriormente Citrix Access Gateway Enterprise Edition) 9.x anterior a 9.3.66.5 y 10.x anterior a 10.1.123.9 permite a atacantes remotos inyectar script Web o HTML arbitrarios a través de vectores no especificados. • http://www.securityfocus.com/bid/67177 http://www.securitytracker.com/id/1030186 https://support.citrix.com/article/CTX140291 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2014-2881
https://notcve.org/view.php?id=CVE-2014-2881
Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors. Vulnerabilidad no especificada en la implementación de acuerdo clave Diffie-Hellman en el Applet Java de gestión de la interfaz gráfica de usuario en Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway anterior a 9.3-66.5 y 10.x anterior a 10.1-122.17 tiene impacto y vectores desconocidos. • http://support.citrix.com/article/CTX140651 http://www.securitytracker.com/id/1030180 •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2014-2882
https://notcve.org/view.php?id=CVE-2014-2882
Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation. Vulnerabilidad no especificada en la GUI de gestión en Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway anterior a 9.3-66.5 y 10.x anterior a 10.1-122.17 tiene impacto y vectores no especificados, relacionado con validación de certificado. • http://support.citrix.com/article/CTX140651 http://www.securitytracker.com/id/1030180 •
CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 0CVE-2013-2767
https://notcve.org/view.php?id=CVE-2013-2767
Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors. Vulnerabilidad no especificada en Citrix NetScaler Access Gateway Enterprise Edition (AGEE) antes de v9.3.62.4 y v10.x hasta v10.0.74.4 y NetScaler AGEE Common Criteria antes de v9.3.53.6, permite a atacantes remotos evitar las restricciones de acceso a la intranet destinados a través de vectores desconocidos. • http://support.citrix.com/article/ctx137238 http://www.kb.cert.org/vuls/id/521612 •