|
|
| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2018-6186 |
918 |
|
Exec Code +Priv |
2018-02-01 |
2018-03-02 |
9.0 |
None |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
|
Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/read_url URI by an authenticated attacker who has a webapp account. The attacker can gain access to the nsroot account, and execute remote commands with root privileges. |
|
2 |
CVE-2016-2072 |
254 |
|
|
2016-02-17 |
2016-12-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, 10.5.e before Build 59.1305.e, and 10.1 allows remote attackers to conduct clickjacking attacks via unspecified vectors. |
|
3 |
CVE-2016-2071 |
264 |
|
+Priv |
2016-02-17 |
2016-12-02 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, and 10.5.e before Build 59.1305.e allows remote attackers to gain privileges via unspecified NS Web GUI commands. |
|
4 |
CVE-2015-2841 |
284 |
|
Bypass |
2015-04-03 |
2016-12-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Citrix NetScaler AppFirewall, as used in NetScaler 10.5, allows remote attackers to bypass intended firewall restrictions via a crafted Content-Type header, as demonstrated by the application/octet-stream and text/xml Content-Types. |
|
5 |
CVE-2015-2840 |
79 |
|
XSS |
2015-04-03 |
2016-12-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in help/rt/large_search.html in Citrix NetScaler before 10.5 build 52.3nc allows remote attackers to inject arbitrary web script or HTML via the searchQuery parameter. |
|
6 |
CVE-2015-2839 |
79 |
|
XSS |
2015-04-03 |
2016-12-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The Nitro API in Citrix NetScaler before 10.5 build 52.3nc uses an incorrect Content-Type when returning an error message, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the file_name JSON member in params/xen_hotfix/0 to nitro/v1/config/xen_hotfix. |
|
7 |
CVE-2015-2838 |
352 |
|
Exec Code CSRF |
2015-04-03 |
2016-12-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site request forgery (CSRF) vulnerability in Nitro API in Citrix NetScaler before 10.5 build 52.3nc allows remote attackers to hijack the authentication of administrators for requests that execute arbitrary commands as nsroot via shell metacharacters in the file_name JSON member in params/xen_hotfix/0 to nitro/v1/config/xen_hotfix. |
|
8 |
CVE-2007-6193 |
200 |
|
+Info |
2007-11-29 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The web management interface in Citrix NetScaler 8.0 build 47.8 stores the device's primary IP address in a cookie, which might allow remote attackers to obtain sensitive network configuration information if this address is not the same as the address being used by the web interface. |
|
9 |
CVE-2007-6192 |
310 |
|
|
2007-11-29 |
2017-07-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The web management interface in Citrix NetScaler 8.0 build 47.8 uses weak encryption (XOR of unpadded data) to store credentials within a cookie, which makes it easier for remote attackers to obtain cleartext credentials when a cookie is captured via a known-plaintext attack. |
|
10 |
CVE-2007-6037 |
79 |
|
XSS |
2007-11-20 |
2017-07-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in ws/generic_api_call.pl in Citrix NetScaler 8.0 build 47.8 allows remote attackers to inject arbitrary web script or HTML via the standalone parameter and other unspecified parameters. |
Total number of vulnerabilities : 10
Page :
1
(This Page)
|
|
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is
MITRE's CVE web site.
CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is
MITRE's CWE web site.
OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is
MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition.
There are NO warranties, implied or otherwise, with regard to this information or its use.
Any use of this information is at the user's risk.
It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content.
EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site.
ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT,
INDIRECT or any other kind of loss.
