CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2020-6175
https://notcve.org/view.php?id=CVE-2020-6175
Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation. Citrix SD-WAN versiones 10.2.x anteriores a 10.2.6 y versiones 11.0.x anteriores a 11.0.3, presenta una Falta de Comprobación del Certificado SSL. • https://support.citrix.com/article/CTX263526 https://support.citrix.com/search • CWE-295: Improper Certificate Validation •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-11345
https://notcve.org/view.php?id=CVE-2019-11345
Citrix SD-WAN Center 10.2.x before 10.2.1 and NetScaler SD-WAN Center 10.0.x before 10.0.7 allow XSS. Citrix SD-WAN Center versiones 10.2.x anteriores a la versión 10.2.1 y NetScaler SD-WAN Center versiones 10.0.x anteriores a la versión 10.0.7, permiten un ataque de tipo XSS. • https://support.citrix.com/article/CTX247737 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 87%CPEs: 4EXPL: 1CVE-2019-10883
https://notcve.org/view.php?id=CVE-2019-10883
Citrix SD-WAN Center 10.2.x before 10.2.1 and NetScaler SD-WAN Center 10.0.x before 10.0.7 allow Command Injection. Citrix SD-WAN Center 10.2.x antes de 10.2.1 y NetScaler SD-WAN Center 10.0.x antes de 10.0.7 permite la inyección de comandos. • https://support.citrix.com/article/CTX247737 https://support.citrix.com/v1/search?searchQuery=%22%22&lang=en&sort=cr_date_desc&prod=&pver=&ct=Security+Bulletin https://www.tenable.com/security/research https://www.tenable.com/security/research/tra-2019-18 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •