CVSS: 5.9EPSS: 0%CPEs: 8EXPL: 0CVE-2017-17549
https://notcve.org/view.php?id=CVE-2017-17549
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 allow remote attackers to obtain sensitive information from the backend client TLS handshake by leveraging use of TLS with Client Certificates and a Diffie-Hellman Ephemeral (DHE) key exchange. Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway 10.5 anteriores a la build 67.13, 11.0 anteriores a la build 71.22, 11.1 anteriores a la build 56.19 y 12.0 anteriores a la build 53.22 permiten que atacantes remotos obtengan información sensible de la negociación TLS del cliente del backend aprovechando el uso de TLS con certificados del cliente y un intercambio de claves Diffie-Hellman Ephemeral (DHE). • http://www.securityfocus.com/bid/102177 http://www.securitytracker.com/id/1040011 https://support.citrix.com/article/ctx230612 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.0EPSS: 0%CPEs: 12EXPL: 0CVE-2017-14602
https://notcve.org/view.php?id=CVE-2017-14602
A vulnerability has been identified in the management interface of Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before build 135.18, 10.5 before build 66.9, 10.5e before build 60.7010.e, 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13 (except for build 41.24) that, if exploited, could allow an attacker with access to the NetScaler management interface to gain administrative access to the appliance. Se ha identificado una vulnerabilidad en la interfaz de gestión de Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway 10.1 anterior a la build 135.18, 10.5 anterior a la build 66.9, 10.5e anterior a la build 60.7010.e, 11.0 anterior a la build 70.16, 11.1 anterior a la build 55.13 y 12.0 anterior a la build 53.13 (excepto la build 41.24) que, si se explota, podría permitir que un atacante con acceso a la interfaz de gestión de NetScaler obtenga acceso administrativo a la aplicación. • http://www.securityfocus.com/bid/100980 https://support.citrix.com/article/CTX227928 https://support.citrix.com/article/CTX228091 • CWE-287: Improper Authentication •
CVSS: 5.9EPSS: 0%CPEs: 18EXPL: 0CVE-2015-3642
https://notcve.org/view.php?id=CVE-2015-3642
The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with firmware 9.x before 9.3 Build 68.5, 10.0 through Build 78.6, 10.1 before Build 130.13, 10.1.e before Build 130.1302.e, 10.5 before Build 55.8, and 10.5.e before Build 55.8007.e makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). Las funcionalidades de procesamiento TLS y DTLS en dispositivos Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway con versiones de firmware 9.x anteriores a 9.3 Build 68.5, 10.0 en su versión Build 78.6, 10.1 anterior a Build 130.13, 10.1.e anterior a Build 130.1302.e, 10.5 anterior a Build 55.8, y 10.5.e anterior a Build 55.8007.e hacen que sea más fácil que atacantes que realizan Man-in-the-middle obtengan datos en texto plano mediante un ataque padding-oracle, variante de CVE-2014-3566, también conocido como POODLE. • http://support.citrix.com/article/CTX200378 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 96%CPEs: 1EXPL: 2CVE-2017-6316 – Citrix Multiple Products Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-6316
Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge (the former name of NetScaler SD-WAN) devices, the cookie name was CAKEPHP rather than CGISESSID. Los dispositivos Citrix NetScaler SD-WAN hasta la versión v9.1.2.26.561201 permite a atacantes remotos ejecutar comandos de shell aleatorios como root mediante la cookie CGISESSID. En los dispositivos cloudBridge (el nombre formal de NetScaler SD-WAN), la cookie llamada fue CAKEPHP mas que CGISESSID. A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could result in an unauthenticated, remote attacker being able to execute arbitrary code as a root user. • https://www.exploit-db.com/exploits/42346 https://www.exploit-db.com/exploits/42345 http://www.securityfocus.com/bid/99943 http://www.securitytracker.com/id/1039019 https://support.citrix.com/article/CTX225990 • CWE-20: Improper Input Validation •
CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 0CVE-2017-7219
https://notcve.org/view.php?id=CVE-2017-7219
A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 before 135.8/135.12, 10.5 before 65.11, 11.0 before 70.12, and 11.1 before 52.13 allows a remote authenticated attacker to run arbitrary commands via unspecified vectors. Una vulnerabilidad de desbordamiento de montón en las versiones Citrix NetScaler Gateway 10.1 en versiones anteriores a 135.8/135.12, 10.5 en versiones anteriores a 65.11, 11.0 en versiones anteriores a 70.12 y 11.1 en versiones anteriores a 52.13 permite a un atacante remoto autenticado ejecutar comandos arbitrarios a través de vectores no especificados. • http://www.securityfocus.com/bid/97626 http://www.securitytracker.com/id/1038283 https://support.citrix.com/article/CTX222657 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •