CVSS: 5.9EPSS: 0%CPEs: 18EXPL: 0CVE-2015-3642
https://notcve.org/view.php?id=CVE-2015-3642
02 Aug 2017 — The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with firmware 9.x before 9.3 Build 68.5, 10.0 through Build 78.6, 10.1 before Build 130.13, 10.1.e before Build 130.1302.e, 10.5 before Build 55.8, and 10.5.e before Build 55.8007.e makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). Las funcionalidades de procesamiento TLS y DTLS en dispos... • http://support.citrix.com/article/CTX200378 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2017-5933
https://notcve.org/view.php?id=CVE-2017-5933
08 Feb 2017 — Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11.0 before Build 69.12/69.123, and 11.1 before Build 51.21 randomly generates GCM nonces, which makes it marginally easier for remote attackers to obtain the GCM authentication key and spoof data by leveraging a reused nonce in a session and a "forbidden attack," a similar issue to CVE-2016-0270. Citrix NetScaler ADC y NetScaler Gateway 10.5 en versiones anteriores a Build 65.11, 11.0 en versiones anteriores a Build 69.12/69.123 y 11.1 en ... • http://www.securityfocus.com/bid/96151 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-9028
https://notcve.org/view.php?id=CVE-2016-9028
28 Oct 2016 — Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 135.8, 10.5 61.11, 11.0 65.31/65.35F and 11.1 47.14 allows a remote attacker to steal session cookies of a legitimate AAA user via manipulation of Host header. Vulnerabilidad de redirección no autorizada en Citrix NetScaler ADC en versiones anteriores a 10.1 135.8, 10.5 61.11, 11.0 65.31/65.35F y 11.1 47.14 permite a un atacante remoto robar las cookies de sesión de un usuario legítimo AAA a través de manipulación del cabecero del Host. • http://www.securityfocus.com/bid/93947 • CWE-254: 7PK - Security Features •
CVSS: 9.8EPSS: 5%CPEs: 3EXPL: 1CVE-2014-7140 – Citrix Netscaler SOAP Handler - Remote Code Execution
https://notcve.org/view.php?id=CVE-2014-7140
21 Oct 2014 — Unspecified vulnerability in the management interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.x before 10.1-129.11 and 10.5 before 10.5-50.10 allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en la interfaz de gestión en Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway 10.x anterior a 10.1-129.11 y 10.5 anterior a 10.5-50.10 permite a atacantes remotos ejecutar código arbitrario a través ... • https://www.exploit-db.com/exploits/35180 •
CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 1CVE-2014-4347 – Citrix Netscaler Disclosure / Cross Site Scripting
https://notcve.org/view.php?id=CVE-2014-4347
16 Jul 2014 — Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain sensitive information via vectors related to a cookie. Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway (anteriormente Access Gateway Enterprise Edition) anterior a 9.3-62.4 y 10.x anterior a 10.1-126.12 permite a atacantes obtener información sensible a través de vectores relacionados con un... • https://packetstorm.news/files/id/127496 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2014-2881 – Citrix Netscaler Diffie-Hellman Key Exchange Issue
https://notcve.org/view.php?id=CVE-2014-2881
01 May 2014 — Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors. Vulnerabilidad no especificada en la implementación de acuerdo clave Diffie-Hellman en el Applet Java de gestión de la interfaz gráfica de usuario en Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway anterior a 9.3-66.5 ... • http://support.citrix.com/article/CTX140651 •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2014-2882 – Citrix Netscaler SSL Certificate Validation
https://notcve.org/view.php?id=CVE-2014-2882
01 May 2014 — Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation. Vulnerabilidad no especificada en la GUI de gestión en Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway anterior a 9.3-66.5 y 10.x anterior a 10.1-122.17 tiene impacto y vectores no especificados, relacionado con validación de certificado. The... • http://support.citrix.com/article/CTX140651 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2013-6938
https://notcve.org/view.php?id=CVE-2013-6938
10 Mar 2014 — Unspecified vulnerability in the Service VM in Citrix NetScaler SDX 9.3 before 9.3-64.4 and 10.0 before 10.0-77.5 and Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to the "Virtual Machine Daemon." Vulnerabilidad no especificada en el Service VM en Citrix NetScaler SDX 9.3 anterior a 9.3-64.4 y 10.0 anterior a 10.0-77.5 y Application Delivery Controller (ADC) 9.3.x anter... • http://support.citrix.com/article/CTX139049 •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2013-6939
https://notcve.org/view.php?id=CVE-2013-6939
10 Mar 2014 — Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to "RADIUS authentication." Vulnerabilidad no especificada en Citrix NetScaler Application Delivery Controller (ADC) 9.3.x anterior a 9.3-64.4, 10.0 anterior a 10.0-77.5 y 10.1 anterior a 10.1-118.7 permite a atacantes causar una denegación de servicio a través de vectores descon... • http://support.citrix.com/article/CTX139049 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2013-6940
https://notcve.org/view.php?id=CVE-2013-6940
10 Mar 2014 — Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 logs user credentials, which allows attackers to obtain sensitive information via unspecified vectors. Citrix NetScaler Application Delivery Controller (ADC) 9.3.x anterior a 9.3-64.4, 10.0 anterior a 10.0-77.5 y 10.1 anterior a 10.1-118.7 registra las credenciales de usuarios, lo que permite a atacantes obtener información sensible a través de vectores no especificados. • http://support.citrix.com/article/CTX139049 • CWE-255: Credentials Management Errors •