NotCVE - vendor:"Citrix" product:"Application Delivery Controller Firmware" version:" >= 13.0

25 results (0.005 seconds)

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2019-18177

https://notcve.org/view.php?id=CVE-2019-18177

In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects Citrix ADC and Citrix Gateway 13.0-58.30 and later releases before the CTX276688 update. En ciertos productos Citrix, un usuario de VPN autenticado puede lograr la divulgación de información cuando hay un endpoint de VPN SSL configurado. Esto afecta a Citrix ADC y Citrix Gateway 13.0-58.30 y versiones posteriores antes de la actualización CTX276688. • https://support.citrix.com/article/CTX276688/citrix-application-delivery-controller-citrix-gateway-and-citrix-sdwan-wanop-appliance-security-update •

CVSS: 9.8EPSS: 20%CPEs: 8EXPL: 0

CVE-2022-27518 – Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability

https://notcve.org/view.php?id=CVE-2022-27518

Unauthenticated remote arbitrary code execution Ejecución remota de código arbitrario no autenticado Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an authentication bypass vulnerability that allows an attacker to execute code as administrator. • https://support.citrix.com/article/CTX474995 • CWE-664: Improper Control of a Resource Through its Lifetime •

CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0

CVE-2022-27516 – User login brute force protection functionality bypass

https://notcve.org/view.php?id=CVE-2022-27516

User login brute force protection functionality bypass Omisión de la funcionalidad de protección de fuerza bruta de inicio de sesión de usuario • https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516 • CWE-307: Improper Restriction of Excessive Authentication Attempts CWE-693: Protection Mechanism Failure •

CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0

CVE-2022-27510 – Unauthorized access to Gateway user capabilities

https://notcve.org/view.php?id=CVE-2022-27510

Unauthorized access to Gateway user capabilities Acceso no autorizado a las capacidades del usuario de Gateway • https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516 • CWE-287: Improper Authentication CWE-288: Authentication Bypass Using an Alternate Path or Channel •

CVSS: 9.6EPSS: 0%CPEs: 10EXPL: 0

CVE-2022-27513 – Remote desktop takeover via phishing

https://notcve.org/view.php?id=CVE-2022-27513

Remote desktop takeover via phishing Adquisición de escritorio remoto mediante phishing • https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516 • CWE-345: Insufficient Verification of Data Authenticity •

1 2 3 4 5