Search
Find a vulnerability
Search criteria
10 vulnerabilities found for application_delivery_management by citrix
CVE-2022-27512 (GCVE-0-2022-27512)
Vulnerability from nvd – Published: 2022-06-16 18:53 – Updated: 2024-09-16 23:35
VLAI
Title
Temporary disruption of the ADM license service
Summary
Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM.
Severity
No CVSS data available.
CWE
- CWE-664 - Improper Control of a Resource Through its Lifetime
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.citrix.com/article/CTX460016/citr… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Citrix | Citrix Application Delivery Management (Citrix ADM) |
Affected:
unspecified , < 13.1-21.53
(custom)
Affected: unspecified , < 13.0-85.19 (custom) |
Date Public
2022-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:58.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Citrix Application Delivery Management (Citrix ADM)",
"vendor": "Citrix",
"versions": [
{
"lessThan": "13.1-21.53",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "13.0-85.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-664",
"description": "CWE-664 Improper Control of a Resource Through its Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-16T18:53:33.000Z",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Temporary disruption of the ADM license service",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@citrix.com",
"DATE_PUBLIC": "2022-06-14T16:47:00.000Z",
"ID": "CVE-2022-27512",
"STATE": "PUBLIC",
"TITLE": "Temporary disruption of the ADM license service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Citrix Application Delivery Management (Citrix ADM)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "13.1-21.53"
},
{
"version_affected": "\u003c",
"version_value": "13.0-85.19"
}
]
}
}
]
},
"vendor_name": "Citrix"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-664 Improper Control of a Resource Through its Lifetime"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512",
"refsource": "MISC",
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2022-27512",
"datePublished": "2022-06-16T18:53:33.283Z",
"dateReserved": "2022-03-21T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:35:26.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27511 (GCVE-0-2022-27511)
Vulnerability from nvd – Published: 2022-06-16 18:53 – Updated: 2024-09-17 01:10
VLAI
Title
Corruption of the system by a remote, unauthenticated user potentially leading to the reset of the administrator password
Summary
Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted.
Severity
No CVSS data available.
CWE
- CWE-284 - Improper Access Control
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.citrix.com/article/CTX460016/citr… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Citrix | Citrix Application Delivery Management (Citrix ADM) |
Affected:
unspecified , < 13.1-21.53
(custom)
Affected: unspecified , < 13.0-85.19 (custom) |
Date Public
2022-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Citrix Application Delivery Management (Citrix ADM)",
"vendor": "Citrix",
"versions": [
{
"lessThan": "13.1-21.53",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "13.0-85.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-16T18:53:14.000Z",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Corruption of the system by a remote, unauthenticated user potentially leading to the reset of the administrator password",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@citrix.com",
"DATE_PUBLIC": "2022-06-14T16:47:00.000Z",
"ID": "CVE-2022-27511",
"STATE": "PUBLIC",
"TITLE": "Corruption of the system by a remote, unauthenticated user potentially leading to the reset of the administrator password"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Citrix Application Delivery Management (Citrix ADM)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "13.1-21.53"
},
{
"version_affected": "\u003c",
"version_value": "13.0-85.19"
}
]
}
}
]
},
"vendor_name": "Citrix"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512",
"refsource": "MISC",
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2022-27511",
"datePublished": "2022-06-16T18:53:14.582Z",
"dateReserved": "2022-03-21T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:10:57.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22920 (GCVE-0-2021-22920)
Vulnerability from nvd – Published: 2021-08-05 20:16 – Updated: 2024-08-03 18:58
VLAI
Summary
A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishing attack through a SAML authentication hijack to steal a valid user session.
Severity
No CVSS data available.
CWE
- CWE-284 - Improper Access Control - Generic (CWE-284)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.citrix.com/article/CTX319135 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Citrix ADC, Citrix Gateway |
Affected:
Citrix ADC and Citrix Gateway 13.0-82.45 and later releases of 13.0
Affected: Citrix ADC and Citrix Gateway 12.1-62.27 and later releases of 12.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:25.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX319135"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Citrix ADC, Citrix Gateway",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Citrix ADC and Citrix Gateway 13.0-82.45 and later releases of 13.0"
},
{
"status": "affected",
"version": "Citrix ADC and Citrix Gateway 12.1-62.27 and later releases of 12.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishing attack through a SAML authentication hijack to steal a valid user session."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control - Generic (CWE-284)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-05T20:16:49.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.citrix.com/article/CTX319135"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-22920",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Citrix ADC, Citrix Gateway",
"version": {
"version_data": [
{
"version_value": "Citrix ADC and Citrix Gateway 13.0-82.45 and later releases of 13.0"
},
{
"version_value": "Citrix ADC and Citrix Gateway 12.1-62.27 and later releases of 12.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishing attack through a SAML authentication hijack to steal a valid user session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control - Generic (CWE-284)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX319135",
"refsource": "MISC",
"url": "https://support.citrix.com/article/CTX319135"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-22920",
"datePublished": "2021-08-05T20:16:49.000Z",
"dateReserved": "2021-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-03T18:58:25.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17366 (GCVE-0-2019-17366)
Vulnerability from nvd – Published: 2019-10-09 21:12 – Updated: 2024-08-05 01:40
VLAI
Summary
Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.citrix.com/article/CTX261735 | x_refsource_CONFIRM |
Date Public
2019-10-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:40:15.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX261735"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-10-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T21:12:28.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX261735"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX261735",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX261735"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17366",
"datePublished": "2019-10-09T21:12:28.000Z",
"dateReserved": "2019-10-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:40:15.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-9548 (GCVE-0-2019-9548)
Vulnerability from nvd – Published: 2019-06-05 16:20 – Updated: 2024-08-04 21:54
VLAI
Summary
Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://support.citrix.com/v1/search?searchQuery=… | x_refsource_MISC |
| https://support.citrix.com/article/CTX247738 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.citrix.com/v1/search?searchQuery=%22%22\u0026lang=en\u0026sort=cr_date_desc\u0026prod=\u0026pver=\u0026ct=Security+Bulletin"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX247738"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-05T16:20:43.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.citrix.com/v1/search?searchQuery=%22%22\u0026lang=en\u0026sort=cr_date_desc\u0026prod=\u0026pver=\u0026ct=Security+Bulletin"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX247738"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9548",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/v1/search?searchQuery=%22%22\u0026lang=en\u0026sort=cr_date_desc\u0026prod=\u0026pver=\u0026ct=Security+Bulletin",
"refsource": "MISC",
"url": "https://support.citrix.com/v1/search?searchQuery=%22%22\u0026lang=en\u0026sort=cr_date_desc\u0026prod=\u0026pver=\u0026ct=Security+Bulletin"
},
{
"name": "https://support.citrix.com/article/CTX247738",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX247738"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-9548",
"datePublished": "2019-06-05T16:20:43.000Z",
"dateReserved": "2019-03-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:54:44.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27512 (GCVE-0-2022-27512)
Vulnerability from cvelistv5 – Published: 2022-06-16 18:53 – Updated: 2024-09-16 23:35
VLAI
Title
Temporary disruption of the ADM license service
Summary
Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM.
Severity
No CVSS data available.
CWE
- CWE-664 - Improper Control of a Resource Through its Lifetime
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.citrix.com/article/CTX460016/citr… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Citrix | Citrix Application Delivery Management (Citrix ADM) |
Affected:
unspecified , < 13.1-21.53
(custom)
Affected: unspecified , < 13.0-85.19 (custom) |
Date Public
2022-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:58.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Citrix Application Delivery Management (Citrix ADM)",
"vendor": "Citrix",
"versions": [
{
"lessThan": "13.1-21.53",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "13.0-85.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-664",
"description": "CWE-664 Improper Control of a Resource Through its Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-16T18:53:33.000Z",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Temporary disruption of the ADM license service",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@citrix.com",
"DATE_PUBLIC": "2022-06-14T16:47:00.000Z",
"ID": "CVE-2022-27512",
"STATE": "PUBLIC",
"TITLE": "Temporary disruption of the ADM license service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Citrix Application Delivery Management (Citrix ADM)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "13.1-21.53"
},
{
"version_affected": "\u003c",
"version_value": "13.0-85.19"
}
]
}
}
]
},
"vendor_name": "Citrix"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-664 Improper Control of a Resource Through its Lifetime"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512",
"refsource": "MISC",
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2022-27512",
"datePublished": "2022-06-16T18:53:33.283Z",
"dateReserved": "2022-03-21T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:35:26.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-27511 (GCVE-0-2022-27511)
Vulnerability from cvelistv5 – Published: 2022-06-16 18:53 – Updated: 2024-09-17 01:10
VLAI
Title
Corruption of the system by a remote, unauthenticated user potentially leading to the reset of the administrator password
Summary
Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted.
Severity
No CVSS data available.
CWE
- CWE-284 - Improper Access Control
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.citrix.com/article/CTX460016/citr… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Citrix | Citrix Application Delivery Management (Citrix ADM) |
Affected:
unspecified , < 13.1-21.53
(custom)
Affected: unspecified , < 13.0-85.19 (custom) |
Date Public
2022-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Citrix Application Delivery Management (Citrix ADM)",
"vendor": "Citrix",
"versions": [
{
"lessThan": "13.1-21.53",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "13.0-85.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-16T18:53:14.000Z",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Corruption of the system by a remote, unauthenticated user potentially leading to the reset of the administrator password",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@citrix.com",
"DATE_PUBLIC": "2022-06-14T16:47:00.000Z",
"ID": "CVE-2022-27511",
"STATE": "PUBLIC",
"TITLE": "Corruption of the system by a remote, unauthenticated user potentially leading to the reset of the administrator password"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Citrix Application Delivery Management (Citrix ADM)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "13.1-21.53"
},
{
"version_affected": "\u003c",
"version_value": "13.0-85.19"
}
]
}
}
]
},
"vendor_name": "Citrix"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512",
"refsource": "MISC",
"url": "https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2022-27511",
"datePublished": "2022-06-16T18:53:14.582Z",
"dateReserved": "2022-03-21T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:10:57.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22920 (GCVE-0-2021-22920)
Vulnerability from cvelistv5 – Published: 2021-08-05 20:16 – Updated: 2024-08-03 18:58
VLAI
Summary
A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishing attack through a SAML authentication hijack to steal a valid user session.
Severity
No CVSS data available.
CWE
- CWE-284 - Improper Access Control - Generic (CWE-284)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.citrix.com/article/CTX319135 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Citrix ADC, Citrix Gateway |
Affected:
Citrix ADC and Citrix Gateway 13.0-82.45 and later releases of 13.0
Affected: Citrix ADC and Citrix Gateway 12.1-62.27 and later releases of 12.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:25.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX319135"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Citrix ADC, Citrix Gateway",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Citrix ADC and Citrix Gateway 13.0-82.45 and later releases of 13.0"
},
{
"status": "affected",
"version": "Citrix ADC and Citrix Gateway 12.1-62.27 and later releases of 12.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishing attack through a SAML authentication hijack to steal a valid user session."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control - Generic (CWE-284)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-05T20:16:49.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.citrix.com/article/CTX319135"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-22920",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Citrix ADC, Citrix Gateway",
"version": {
"version_data": [
{
"version_value": "Citrix ADC and Citrix Gateway 13.0-82.45 and later releases of 13.0"
},
{
"version_value": "Citrix ADC and Citrix Gateway 12.1-62.27 and later releases of 12.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishing attack through a SAML authentication hijack to steal a valid user session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control - Generic (CWE-284)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX319135",
"refsource": "MISC",
"url": "https://support.citrix.com/article/CTX319135"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-22920",
"datePublished": "2021-08-05T20:16:49.000Z",
"dateReserved": "2021-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-03T18:58:25.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17366 (GCVE-0-2019-17366)
Vulnerability from cvelistv5 – Published: 2019-10-09 21:12 – Updated: 2024-08-05 01:40
VLAI
Summary
Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.citrix.com/article/CTX261735 | x_refsource_CONFIRM |
Date Public
2019-10-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:40:15.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX261735"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-10-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T21:12:28.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX261735"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX261735",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX261735"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17366",
"datePublished": "2019-10-09T21:12:28.000Z",
"dateReserved": "2019-10-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:40:15.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-9548 (GCVE-0-2019-9548)
Vulnerability from cvelistv5 – Published: 2019-06-05 16:20 – Updated: 2024-08-04 21:54
VLAI
Summary
Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://support.citrix.com/v1/search?searchQuery=… | x_refsource_MISC |
| https://support.citrix.com/article/CTX247738 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.citrix.com/v1/search?searchQuery=%22%22\u0026lang=en\u0026sort=cr_date_desc\u0026prod=\u0026pver=\u0026ct=Security+Bulletin"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX247738"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-05T16:20:43.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.citrix.com/v1/search?searchQuery=%22%22\u0026lang=en\u0026sort=cr_date_desc\u0026prod=\u0026pver=\u0026ct=Security+Bulletin"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX247738"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9548",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/v1/search?searchQuery=%22%22\u0026lang=en\u0026sort=cr_date_desc\u0026prod=\u0026pver=\u0026ct=Security+Bulletin",
"refsource": "MISC",
"url": "https://support.citrix.com/v1/search?searchQuery=%22%22\u0026lang=en\u0026sort=cr_date_desc\u0026prod=\u0026pver=\u0026ct=Security+Bulletin"
},
{
"name": "https://support.citrix.com/article/CTX247738",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX247738"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-9548",
"datePublished": "2019-06-05T16:20:43.000Z",
"dateReserved": "2019-03-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:54:44.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}