CVE-2024-8535 – Authenticated user can access unintended user capabilities
https://notcve.org/view.php?id=CVE-2024-8535
Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway when the appliance is configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources, or as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources • https://support.citrix.com/s/article/CTX691608-netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20248534-and-cve20248535?language=en_US
CVE-2024-8534 – Memory safety vulnerability leading to memory corruption and Denial of Service
https://notcve.org/view.php?id=CVE-2024-8534
Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway when the appliance is configured as a Gateway (VPN Vserver) with RDP Feature enabled, or as a Gateway (VPN Vserver) with an RDP Proxy Server Profile created and set to the Gateway (VPN Vserver), or as an Auth Server (AAA Vserver) with RDP Feature enabled • https://support.citrix.com/s/article/CTX691608-netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20248534-and-cve20248535?language=en_US • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-5492 – Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites
https://notcve.org/view.php?id=CVE-2024-5492
Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites in NetScaler ADC and NetScaler Gateway • https://support.citrix.com/article/CTX677944/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20245491-and-cve20245492 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CVE-2024-5491 – Denial of Service
https://notcve.org/view.php?id=CVE-2024-5491
Denial of Service in NetScaler ADC and NetScaler Gateway • https://support.citrix.com/article/CTX677944/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20245491-and-cve20245492