Search criteria
10 vulnerabilities found for application_delivery_management by citrix
CVE-2022-27512 (GCVE-0-2022-27512)
Vulnerability from nvd – Published: 2022-06-16 18:53 – Updated: 2024-09-16 23:35
VLAI?
Title
Temporary disruption of the ADM license service
Summary
Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM.
Severity ?
No CVSS data available.
CWE
- CWE-664 - Improper Control of a Resource Through its Lifetime
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Citrix | Citrix Application Delivery Management (Citrix ADM) |
Affected:
unspecified , < 13.1-21.53
(custom)
Affected: unspecified , < 13.0-85.19 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:58.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Citrix Application Delivery Management (Citrix ADM)",
"vendor": "Citrix",
"versions": [
{
"lessThan": "13.1-21.53",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "13.0-85.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-664",
"description": "CWE-664 Improper Control of a Resource Through its Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-16T18:53:33",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Temporary disruption of the ADM license service",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@citrix.com",
"DATE_PUBLIC": "2022-06-14T16:47:00.000Z",
"ID": "CVE-2022-27512",
"STATE": "PUBLIC",
"TITLE": "Temporary disruption of the ADM license service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Citrix Application Delivery Management (Citrix ADM)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "13.1-21.53"
},
{
"version_affected": "\u003c",
"version_value": "13.0-85.19"
}
]
}
}
]
},
"vendor_name": "Citrix"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-664 Improper Control of a Resource Through its Lifetime"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512",
"refsource": "MISC",
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2022-27512",
"datePublished": "2022-06-16T18:53:33.283390Z",
"dateReserved": "2022-03-21T00:00:00",
"dateUpdated": "2024-09-16T23:35:26.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27511 (GCVE-0-2022-27511)
Vulnerability from nvd – Published: 2022-06-16 18:53 – Updated: 2024-09-17 01:10
VLAI?
Title
Corruption of the system by a remote, unauthenticated user potentially leading to the reset of the administrator password
Summary
Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted.
Severity ?
No CVSS data available.
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Citrix | Citrix Application Delivery Management (Citrix ADM) |
Affected:
unspecified , < 13.1-21.53
(custom)
Affected: unspecified , < 13.0-85.19 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Citrix Application Delivery Management (Citrix ADM)",
"vendor": "Citrix",
"versions": [
{
"lessThan": "13.1-21.53",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "13.0-85.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-16T18:53:14",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Corruption of the system by a remote, unauthenticated user potentially leading to the reset of the administrator password",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@citrix.com",
"DATE_PUBLIC": "2022-06-14T16:47:00.000Z",
"ID": "CVE-2022-27511",
"STATE": "PUBLIC",
"TITLE": "Corruption of the system by a remote, unauthenticated user potentially leading to the reset of the administrator password"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Citrix Application Delivery Management (Citrix ADM)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "13.1-21.53"
},
{
"version_affected": "\u003c",
"version_value": "13.0-85.19"
}
]
}
}
]
},
"vendor_name": "Citrix"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512",
"refsource": "MISC",
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2022-27511",
"datePublished": "2022-06-16T18:53:14.582634Z",
"dateReserved": "2022-03-21T00:00:00",
"dateUpdated": "2024-09-17T01:10:57.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22920 (GCVE-0-2021-22920)
Vulnerability from nvd – Published: 2021-08-05 20:16 – Updated: 2024-08-03 18:58
VLAI?
Summary
A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishing attack through a SAML authentication hijack to steal a valid user session.
Severity ?
No CVSS data available.
CWE
- CWE-284 - Improper Access Control - Generic (CWE-284)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Citrix ADC, Citrix Gateway |
Affected:
Citrix ADC and Citrix Gateway 13.0-82.45 and later releases of 13.0
Affected: Citrix ADC and Citrix Gateway 12.1-62.27 and later releases of 12.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:25.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX319135"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Citrix ADC, Citrix Gateway",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Citrix ADC and Citrix Gateway 13.0-82.45 and later releases of 13.0"
},
{
"status": "affected",
"version": "Citrix ADC and Citrix Gateway 12.1-62.27 and later releases of 12.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishing attack through a SAML authentication hijack to steal a valid user session."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control - Generic (CWE-284)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-05T20:16:49",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.citrix.com/article/CTX319135"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-22920",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Citrix ADC, Citrix Gateway",
"version": {
"version_data": [
{
"version_value": "Citrix ADC and Citrix Gateway 13.0-82.45 and later releases of 13.0"
},
{
"version_value": "Citrix ADC and Citrix Gateway 12.1-62.27 and later releases of 12.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishing attack through a SAML authentication hijack to steal a valid user session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control - Generic (CWE-284)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX319135",
"refsource": "MISC",
"url": "https://support.citrix.com/article/CTX319135"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-22920",
"datePublished": "2021-08-05T20:16:49",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T18:58:25.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17366 (GCVE-0-2019-17366)
Vulnerability from nvd – Published: 2019-10-09 21:12 – Updated: 2024-08-05 01:40
VLAI?
Summary
Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:40:15.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX261735"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-10-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T21:12:28",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX261735"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX261735",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX261735"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17366",
"datePublished": "2019-10-09T21:12:28",
"dateReserved": "2019-10-09T00:00:00",
"dateUpdated": "2024-08-05T01:40:15.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-9548 (GCVE-0-2019-9548)
Vulnerability from nvd – Published: 2019-06-05 16:20 – Updated: 2024-08-04 21:54
VLAI?
Summary
Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.citrix.com/v1/search?searchQuery=%22%22\u0026lang=en\u0026sort=cr_date_desc\u0026prod=\u0026pver=\u0026ct=Security+Bulletin"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX247738"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-05T16:20:43",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.citrix.com/v1/search?searchQuery=%22%22\u0026lang=en\u0026sort=cr_date_desc\u0026prod=\u0026pver=\u0026ct=Security+Bulletin"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX247738"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9548",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/v1/search?searchQuery=%22%22\u0026lang=en\u0026sort=cr_date_desc\u0026prod=\u0026pver=\u0026ct=Security+Bulletin",
"refsource": "MISC",
"url": "https://support.citrix.com/v1/search?searchQuery=%22%22\u0026lang=en\u0026sort=cr_date_desc\u0026prod=\u0026pver=\u0026ct=Security+Bulletin"
},
{
"name": "https://support.citrix.com/article/CTX247738",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX247738"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-9548",
"datePublished": "2019-06-05T16:20:43",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-08-04T21:54:44.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27512 (GCVE-0-2022-27512)
Vulnerability from cvelistv5 – Published: 2022-06-16 18:53 – Updated: 2024-09-16 23:35
VLAI?
Title
Temporary disruption of the ADM license service
Summary
Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM.
Severity ?
No CVSS data available.
CWE
- CWE-664 - Improper Control of a Resource Through its Lifetime
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Citrix | Citrix Application Delivery Management (Citrix ADM) |
Affected:
unspecified , < 13.1-21.53
(custom)
Affected: unspecified , < 13.0-85.19 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:58.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Citrix Application Delivery Management (Citrix ADM)",
"vendor": "Citrix",
"versions": [
{
"lessThan": "13.1-21.53",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "13.0-85.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-664",
"description": "CWE-664 Improper Control of a Resource Through its Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-16T18:53:33",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Temporary disruption of the ADM license service",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@citrix.com",
"DATE_PUBLIC": "2022-06-14T16:47:00.000Z",
"ID": "CVE-2022-27512",
"STATE": "PUBLIC",
"TITLE": "Temporary disruption of the ADM license service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Citrix Application Delivery Management (Citrix ADM)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "13.1-21.53"
},
{
"version_affected": "\u003c",
"version_value": "13.0-85.19"
}
]
}
}
]
},
"vendor_name": "Citrix"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-664 Improper Control of a Resource Through its Lifetime"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512",
"refsource": "MISC",
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2022-27512",
"datePublished": "2022-06-16T18:53:33.283390Z",
"dateReserved": "2022-03-21T00:00:00",
"dateUpdated": "2024-09-16T23:35:26.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27511 (GCVE-0-2022-27511)
Vulnerability from cvelistv5 – Published: 2022-06-16 18:53 – Updated: 2024-09-17 01:10
VLAI?
Title
Corruption of the system by a remote, unauthenticated user potentially leading to the reset of the administrator password
Summary
Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted.
Severity ?
No CVSS data available.
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Citrix | Citrix Application Delivery Management (Citrix ADM) |
Affected:
unspecified , < 13.1-21.53
(custom)
Affected: unspecified , < 13.0-85.19 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Citrix Application Delivery Management (Citrix ADM)",
"vendor": "Citrix",
"versions": [
{
"lessThan": "13.1-21.53",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "13.0-85.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-16T18:53:14",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Corruption of the system by a remote, unauthenticated user potentially leading to the reset of the administrator password",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@citrix.com",
"DATE_PUBLIC": "2022-06-14T16:47:00.000Z",
"ID": "CVE-2022-27511",
"STATE": "PUBLIC",
"TITLE": "Corruption of the system by a remote, unauthenticated user potentially leading to the reset of the administrator password"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Citrix Application Delivery Management (Citrix ADM)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "13.1-21.53"
},
{
"version_affected": "\u003c",
"version_value": "13.0-85.19"
}
]
}
}
]
},
"vendor_name": "Citrix"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512",
"refsource": "MISC",
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2022-27511",
"datePublished": "2022-06-16T18:53:14.582634Z",
"dateReserved": "2022-03-21T00:00:00",
"dateUpdated": "2024-09-17T01:10:57.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22920 (GCVE-0-2021-22920)
Vulnerability from cvelistv5 – Published: 2021-08-05 20:16 – Updated: 2024-08-03 18:58
VLAI?
Summary
A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishing attack through a SAML authentication hijack to steal a valid user session.
Severity ?
No CVSS data available.
CWE
- CWE-284 - Improper Access Control - Generic (CWE-284)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Citrix ADC, Citrix Gateway |
Affected:
Citrix ADC and Citrix Gateway 13.0-82.45 and later releases of 13.0
Affected: Citrix ADC and Citrix Gateway 12.1-62.27 and later releases of 12.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:25.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX319135"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Citrix ADC, Citrix Gateway",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Citrix ADC and Citrix Gateway 13.0-82.45 and later releases of 13.0"
},
{
"status": "affected",
"version": "Citrix ADC and Citrix Gateway 12.1-62.27 and later releases of 12.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishing attack through a SAML authentication hijack to steal a valid user session."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control - Generic (CWE-284)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-05T20:16:49",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.citrix.com/article/CTX319135"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-22920",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Citrix ADC, Citrix Gateway",
"version": {
"version_data": [
{
"version_value": "Citrix ADC and Citrix Gateway 13.0-82.45 and later releases of 13.0"
},
{
"version_value": "Citrix ADC and Citrix Gateway 12.1-62.27 and later releases of 12.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishing attack through a SAML authentication hijack to steal a valid user session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control - Generic (CWE-284)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX319135",
"refsource": "MISC",
"url": "https://support.citrix.com/article/CTX319135"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-22920",
"datePublished": "2021-08-05T20:16:49",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T18:58:25.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17366 (GCVE-0-2019-17366)
Vulnerability from cvelistv5 – Published: 2019-10-09 21:12 – Updated: 2024-08-05 01:40
VLAI?
Summary
Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:40:15.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX261735"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-10-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T21:12:28",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX261735"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX261735",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX261735"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17366",
"datePublished": "2019-10-09T21:12:28",
"dateReserved": "2019-10-09T00:00:00",
"dateUpdated": "2024-08-05T01:40:15.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-9548 (GCVE-0-2019-9548)
Vulnerability from cvelistv5 – Published: 2019-06-05 16:20 – Updated: 2024-08-04 21:54
VLAI?
Summary
Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.citrix.com/v1/search?searchQuery=%22%22\u0026lang=en\u0026sort=cr_date_desc\u0026prod=\u0026pver=\u0026ct=Security+Bulletin"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX247738"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-05T16:20:43",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.citrix.com/v1/search?searchQuery=%22%22\u0026lang=en\u0026sort=cr_date_desc\u0026prod=\u0026pver=\u0026ct=Security+Bulletin"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX247738"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9548",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/v1/search?searchQuery=%22%22\u0026lang=en\u0026sort=cr_date_desc\u0026prod=\u0026pver=\u0026ct=Security+Bulletin",
"refsource": "MISC",
"url": "https://support.citrix.com/v1/search?searchQuery=%22%22\u0026lang=en\u0026sort=cr_date_desc\u0026prod=\u0026pver=\u0026ct=Security+Bulletin"
},
{
"name": "https://support.citrix.com/article/CTX247738",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX247738"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-9548",
"datePublished": "2019-06-05T16:20:43",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-08-04T21:54:44.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}