CVE-2018-5314
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition 9.3.0 allows remote attackers to execute a system command or read arbitrary files via an SSH login prompt.
Vulnerabilidad de inyección de comandos en Citrix NetScaler ADC y NetScaler Gateway en versiones 11.0 anteriores a la build 70.16, versiones 11.1 anteriores a la build 55.13 y las versiones 12.0 anteriores a la build 53.13; y la instancia NetScaler Load Balancing distribuida en NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 y 5100 WAN Optimization Edition 9.3.0 permite que atacantes remotos ejecuten un comando del sistema o lean archivos arbitrarios mediante un mensaje de inicio de sesión SSH.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-01-09 CVE Reserved
- 2018-03-01 CVE Published
- 2023-09-01 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/103186 | Third Party Advisory | |
| http://www.securitytracker.com/id/1040439 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.citrix.com/article/CTX232199 | 2019-10-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Citrix Search vendor "Citrix" | Netscaler Application Delivery Controller Search vendor "Citrix" for product "Netscaler Application Delivery Controller" | 11.0 Search vendor "Citrix" for product "Netscaler Application Delivery Controller" and version "11.0" | - |
Affected
| ||||||
| Citrix Search vendor "Citrix" | Netscaler Application Delivery Controller Search vendor "Citrix" for product "Netscaler Application Delivery Controller" | 11.1 Search vendor "Citrix" for product "Netscaler Application Delivery Controller" and version "11.1" | - |
Affected
| ||||||
| Citrix Search vendor "Citrix" | Netscaler Application Delivery Controller Search vendor "Citrix" for product "Netscaler Application Delivery Controller" | 12.0 Search vendor "Citrix" for product "Netscaler Application Delivery Controller" and version "12.0" | - |
Affected
| ||||||
| Citrix Search vendor "Citrix" | Netscaler Gateway Search vendor "Citrix" for product "Netscaler Gateway" | 11.0 Search vendor "Citrix" for product "Netscaler Gateway" and version "11.0" | - |
Affected
| ||||||
| Citrix Search vendor "Citrix" | Netscaler Gateway Search vendor "Citrix" for product "Netscaler Gateway" | 11.1 Search vendor "Citrix" for product "Netscaler Gateway" and version "11.1" | - |
Affected
| ||||||
| Citrix Search vendor "Citrix" | Netscaler Gateway Search vendor "Citrix" for product "Netscaler Gateway" | 12.0 Search vendor "Citrix" for product "Netscaler Gateway" and version "12.0" | - |
Affected
| ||||||
| Citrix Search vendor "Citrix" | Netscaler Sd-wan Search vendor "Citrix" for product "Netscaler Sd-wan" | 9.3.0 Search vendor "Citrix" for product "Netscaler Sd-wan" and version "9.3.0" | wan_optimization |
Affected
| ||||||