CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 0CVE-2013-2767
https://notcve.org/view.php?id=CVE-2013-2767
Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors. Vulnerabilidad no especificada en Citrix NetScaler Access Gateway Enterprise Edition (AGEE) antes de v9.3.62.4 y v10.x hasta v10.0.74.4 y NetScaler AGEE Common Criteria antes de v9.3.53.6, permite a atacantes remotos evitar las restricciones de acceso a la intranet destinados a través de vectores desconocidos. • http://support.citrix.com/article/ctx137238 http://www.kb.cert.org/vuls/id/521612 •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2009-2213
https://notcve.org/view.php?id=CVE-2009-2213
The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and earlier specifies Allow for the Default Authorization Action option, which might allow remote authenticated users to bypass intended access restrictions. La configuración por defecto en las características de seguridad globales en el appliance Citrix NetScaler Access Gateway con el firmware Enterprise Edition 9.0, 8.1 y versiones anteriores especifica la opción "Allow for the Default Authorization Action" lo que puede permitir a usuarios remotos autenticados evitar las restricciones de acceso previstas. • http://support.citrix.com/article/CTX118770 http://www.securityfocus.com/bid/35422 http://www.vupen.com/english/advisories/2009/1641 https://exchange.xforce.ibmcloud.com/vulnerabilities/51274 • CWE-863: Incorrect Authorization •