Search
Find a vulnerability
Search criteria
14 vulnerabilities found for netscaler_access_gateway_firmware by citrix
CVE-2014-4347 (GCVE-0-2014-4347)
Vulnerability from nvd – Published: 2014-07-16 14:00 – Updated: 2024-08-06 11:12
VLAI
Summary
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain sensitive information via vectors related to a cookie.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://www.sec-consult.com/fxdata/seccons/prod/t… | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securitytracker.com/id/1030573 | vdb-entryx_refsource_SECTRACK |
| http://support.citrix.com/article/CTX140863 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/68537 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/59942 | third-party-advisoryx_refsource_SECUNIA |
| http://seclists.org/fulldisclosure/2014/Jul/77 | mailing-listx_refsource_FULLDISC |
| http://www.securitytracker.com/id/1030572 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/532802/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2014-07-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:12:35.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt"
},
{
"name": "citrix-netscaler-cve20144347-info-disc(94494)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94494"
},
{
"name": "1030573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030573"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX140863"
},
{
"name": "68537",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68537"
},
{
"name": "59942",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59942"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/77"
},
{
"name": "1030572",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030572"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/532802/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain sensitive information via vectors related to a cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt"
},
{
"name": "citrix-netscaler-cve20144347-info-disc(94494)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94494"
},
{
"name": "1030573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030573"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX140863"
},
{
"name": "68537",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68537"
},
{
"name": "59942",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59942"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/77"
},
{
"name": "1030572",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030572"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/532802/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4347",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain sensitive information via vectors related to a cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt",
"refsource": "MISC",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt"
},
{
"name": "citrix-netscaler-cve20144347-info-disc(94494)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94494"
},
{
"name": "1030573",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030573"
},
{
"name": "http://support.citrix.com/article/CTX140863",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX140863"
},
{
"name": "68537",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68537"
},
{
"name": "59942",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59942"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jul/77"
},
{
"name": "1030572",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030572"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/532802/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-4347",
"datePublished": "2014-07-16T14:00:00.000Z",
"dateReserved": "2014-06-20T00:00:00.000Z",
"dateUpdated": "2024-08-06T11:12:35.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-4346 (GCVE-0-2014-4346)
Vulnerability from nvd – Published: 2014-07-16 14:00 – Updated: 2024-08-06 11:12
VLAI
Summary
Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://www.sec-consult.com/fxdata/seccons/prod/t… | x_refsource_MISC |
| http://www.securitytracker.com/id/1030573 | vdb-entryx_refsource_SECTRACK |
| http://support.citrix.com/article/CTX140863 | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/59942 | third-party-advisoryx_refsource_SECUNIA |
| http://seclists.org/fulldisclosure/2014/Jul/77 | mailing-listx_refsource_FULLDISC |
| http://www.securitytracker.com/id/1030572 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/532802/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/68535 | vdb-entryx_refsource_BID |
Date Public
2014-07-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:12:35.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt"
},
{
"name": "1030573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030573"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX140863"
},
{
"name": "citrix-netscaler-cve20144346-xss(94493)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94493"
},
{
"name": "59942",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59942"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/77"
},
{
"name": "1030572",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030572"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/532802/100/0/threaded"
},
{
"name": "68535",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt"
},
{
"name": "1030573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030573"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX140863"
},
{
"name": "citrix-netscaler-cve20144346-xss(94493)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94493"
},
{
"name": "59942",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59942"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/77"
},
{
"name": "1030572",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030572"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/532802/100/0/threaded"
},
{
"name": "68535",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68535"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4346",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt",
"refsource": "MISC",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt"
},
{
"name": "1030573",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030573"
},
{
"name": "http://support.citrix.com/article/CTX140863",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX140863"
},
{
"name": "citrix-netscaler-cve20144346-xss(94493)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94493"
},
{
"name": "59942",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59942"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jul/77"
},
{
"name": "1030572",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030572"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/532802/100/0/threaded"
},
{
"name": "68535",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68535"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-4346",
"datePublished": "2014-07-16T14:00:00.000Z",
"dateReserved": "2014-06-20T00:00:00.000Z",
"dateUpdated": "2024-08-06T11:12:35.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1899 (GCVE-0-2014-1899)
Vulnerability from nvd – Published: 2014-05-02 14:00 – Updated: 2024-08-06 09:58
VLAI
Summary
Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x before 9.3.66.5 and 10.x before 10.1.123.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1030186 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/67177 | vdb-entryx_refsource_BID |
| https://support.citrix.com/article/CTX140291 | x_refsource_CONFIRM |
Date Public
2014-04-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:15.993Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1030186",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030186"
},
{
"name": "67177",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67177"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX140291"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x before 9.3.66.5 and 10.x before 10.1.123.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-14T16:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1030186",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030186"
},
{
"name": "67177",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67177"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX140291"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1899",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x before 9.3.66.5 and 10.x before 10.1.123.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1030186",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030186"
},
{
"name": "67177",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67177"
},
{
"name": "https://support.citrix.com/article/CTX140291",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX140291"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1899",
"datePublished": "2014-05-02T14:00:00.000Z",
"dateReserved": "2014-02-07T00:00:00.000Z",
"dateUpdated": "2024-08-06T09:58:15.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2882 (GCVE-0-2014-2882)
Vulnerability from nvd – Published: 2014-05-01 14:00 – Updated: 2024-08-06 10:28
VLAI
Summary
Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1030180 | vdb-entryx_refsource_SECTRACK |
| http://support.citrix.com/article/CTX140651 | x_refsource_CONFIRM |
Date Public
2014-04-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.143Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1030180",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX140651"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-01T11:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1030180",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX140651"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2882",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1030180",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030180"
},
{
"name": "http://support.citrix.com/article/CTX140651",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX140651"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2882",
"datePublished": "2014-05-01T14:00:00.000Z",
"dateReserved": "2014-04-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:28:46.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2881 (GCVE-0-2014-2881)
Vulnerability from nvd – Published: 2014-05-01 14:00 – Updated: 2024-08-06 10:28
VLAI
Summary
Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1030180 | vdb-entryx_refsource_SECTRACK |
| http://support.citrix.com/article/CTX140651 | x_refsource_CONFIRM |
Date Public
2014-04-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.349Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1030180",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX140651"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-01T11:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1030180",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX140651"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1030180",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030180"
},
{
"name": "http://support.citrix.com/article/CTX140651",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX140651"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2881",
"datePublished": "2014-05-01T14:00:00.000Z",
"dateReserved": "2014-04-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:28:46.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2767 (GCVE-0-2013-2767)
Vulnerability from nvd – Published: 2013-04-25 20:00 – Updated: 2024-09-17 00:26
VLAI
Summary
Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://support.citrix.com/article/ctx137238 | x_refsource_CONFIRM |
| http://www.kb.cert.org/vuls/id/521612 | third-party-advisoryx_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:33.642Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/ctx137238"
},
{
"name": "VU#521612",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/521612"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-04-25T20:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/ctx137238"
},
{
"name": "VU#521612",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/521612"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2767",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.citrix.com/article/ctx137238",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/ctx137238"
},
{
"name": "VU#521612",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/521612"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2767",
"datePublished": "2013-04-25T20:00:00.000Z",
"dateReserved": "2013-04-07T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:26:32.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2213 (GCVE-0-2009-2213)
Vulnerability from nvd – Published: 2009-06-25 21:00 – Updated: 2024-10-21 16:31
VLAI
Summary
The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and earlier specifies Allow for the Default Authorization Action option, which might allow remote authenticated users to bypass intended access restrictions.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/35422 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2009/1641 | vdb-entryx_refsource_VUPEN |
| http://support.citrix.com/article/CTX118770 | x_refsource_CONFIRM |
Date Public
2009-05-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:44:55.357Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netscaler-default-unauth-access(51274)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51274"
},
{
"name": "35422",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35422"
},
{
"name": "ADV-2009-1641",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1641"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX118770"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2009-2213",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-21T16:31:24.661375Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T16:31:37.448Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and earlier specifies Allow for the Default Authorization Action option, which might allow remote authenticated users to bypass intended access restrictions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netscaler-default-unauth-access(51274)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51274"
},
{
"name": "35422",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35422"
},
{
"name": "ADV-2009-1641",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1641"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX118770"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2213",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and earlier specifies Allow for the Default Authorization Action option, which might allow remote authenticated users to bypass intended access restrictions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netscaler-default-unauth-access(51274)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51274"
},
{
"name": "35422",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35422"
},
{
"name": "ADV-2009-1641",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1641"
},
{
"name": "http://support.citrix.com/article/CTX118770",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX118770"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2213",
"datePublished": "2009-06-25T21:00:00.000Z",
"dateReserved": "2009-06-25T00:00:00.000Z",
"dateUpdated": "2024-10-21T16:31:37.448Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-4347 (GCVE-0-2014-4347)
Vulnerability from cvelistv5 – Published: 2014-07-16 14:00 – Updated: 2024-08-06 11:12
VLAI
Summary
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain sensitive information via vectors related to a cookie.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://www.sec-consult.com/fxdata/seccons/prod/t… | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securitytracker.com/id/1030573 | vdb-entryx_refsource_SECTRACK |
| http://support.citrix.com/article/CTX140863 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/68537 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/59942 | third-party-advisoryx_refsource_SECUNIA |
| http://seclists.org/fulldisclosure/2014/Jul/77 | mailing-listx_refsource_FULLDISC |
| http://www.securitytracker.com/id/1030572 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/532802/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2014-07-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:12:35.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt"
},
{
"name": "citrix-netscaler-cve20144347-info-disc(94494)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94494"
},
{
"name": "1030573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030573"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX140863"
},
{
"name": "68537",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68537"
},
{
"name": "59942",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59942"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/77"
},
{
"name": "1030572",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030572"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/532802/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain sensitive information via vectors related to a cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt"
},
{
"name": "citrix-netscaler-cve20144347-info-disc(94494)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94494"
},
{
"name": "1030573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030573"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX140863"
},
{
"name": "68537",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68537"
},
{
"name": "59942",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59942"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/77"
},
{
"name": "1030572",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030572"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/532802/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4347",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain sensitive information via vectors related to a cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt",
"refsource": "MISC",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt"
},
{
"name": "citrix-netscaler-cve20144347-info-disc(94494)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94494"
},
{
"name": "1030573",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030573"
},
{
"name": "http://support.citrix.com/article/CTX140863",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX140863"
},
{
"name": "68537",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68537"
},
{
"name": "59942",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59942"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jul/77"
},
{
"name": "1030572",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030572"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/532802/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-4347",
"datePublished": "2014-07-16T14:00:00.000Z",
"dateReserved": "2014-06-20T00:00:00.000Z",
"dateUpdated": "2024-08-06T11:12:35.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-4346 (GCVE-0-2014-4346)
Vulnerability from cvelistv5 – Published: 2014-07-16 14:00 – Updated: 2024-08-06 11:12
VLAI
Summary
Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://www.sec-consult.com/fxdata/seccons/prod/t… | x_refsource_MISC |
| http://www.securitytracker.com/id/1030573 | vdb-entryx_refsource_SECTRACK |
| http://support.citrix.com/article/CTX140863 | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/59942 | third-party-advisoryx_refsource_SECUNIA |
| http://seclists.org/fulldisclosure/2014/Jul/77 | mailing-listx_refsource_FULLDISC |
| http://www.securitytracker.com/id/1030572 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/532802/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/68535 | vdb-entryx_refsource_BID |
Date Public
2014-07-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:12:35.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt"
},
{
"name": "1030573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030573"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX140863"
},
{
"name": "citrix-netscaler-cve20144346-xss(94493)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94493"
},
{
"name": "59942",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59942"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/77"
},
{
"name": "1030572",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030572"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/532802/100/0/threaded"
},
{
"name": "68535",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt"
},
{
"name": "1030573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030573"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX140863"
},
{
"name": "citrix-netscaler-cve20144346-xss(94493)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94493"
},
{
"name": "59942",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59942"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Jul/77"
},
{
"name": "1030572",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030572"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/532802/100/0/threaded"
},
{
"name": "68535",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68535"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4346",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt",
"refsource": "MISC",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt"
},
{
"name": "1030573",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030573"
},
{
"name": "http://support.citrix.com/article/CTX140863",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX140863"
},
{
"name": "citrix-netscaler-cve20144346-xss(94493)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94493"
},
{
"name": "59942",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59942"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jul/77"
},
{
"name": "1030572",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030572"
},
{
"name": "20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/532802/100/0/threaded"
},
{
"name": "68535",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68535"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-4346",
"datePublished": "2014-07-16T14:00:00.000Z",
"dateReserved": "2014-06-20T00:00:00.000Z",
"dateUpdated": "2024-08-06T11:12:35.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1899 (GCVE-0-2014-1899)
Vulnerability from cvelistv5 – Published: 2014-05-02 14:00 – Updated: 2024-08-06 09:58
VLAI
Summary
Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x before 9.3.66.5 and 10.x before 10.1.123.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1030186 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/67177 | vdb-entryx_refsource_BID |
| https://support.citrix.com/article/CTX140291 | x_refsource_CONFIRM |
Date Public
2014-04-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:15.993Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1030186",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030186"
},
{
"name": "67177",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67177"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX140291"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x before 9.3.66.5 and 10.x before 10.1.123.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-14T16:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1030186",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030186"
},
{
"name": "67177",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67177"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX140291"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1899",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x before 9.3.66.5 and 10.x before 10.1.123.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1030186",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030186"
},
{
"name": "67177",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67177"
},
{
"name": "https://support.citrix.com/article/CTX140291",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX140291"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1899",
"datePublished": "2014-05-02T14:00:00.000Z",
"dateReserved": "2014-02-07T00:00:00.000Z",
"dateUpdated": "2024-08-06T09:58:15.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2881 (GCVE-0-2014-2881)
Vulnerability from cvelistv5 – Published: 2014-05-01 14:00 – Updated: 2024-08-06 10:28
VLAI
Summary
Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1030180 | vdb-entryx_refsource_SECTRACK |
| http://support.citrix.com/article/CTX140651 | x_refsource_CONFIRM |
Date Public
2014-04-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.349Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1030180",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX140651"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-01T11:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1030180",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX140651"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1030180",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030180"
},
{
"name": "http://support.citrix.com/article/CTX140651",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX140651"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2881",
"datePublished": "2014-05-01T14:00:00.000Z",
"dateReserved": "2014-04-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:28:46.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2882 (GCVE-0-2014-2882)
Vulnerability from cvelistv5 – Published: 2014-05-01 14:00 – Updated: 2024-08-06 10:28
VLAI
Summary
Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1030180 | vdb-entryx_refsource_SECTRACK |
| http://support.citrix.com/article/CTX140651 | x_refsource_CONFIRM |
Date Public
2014-04-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.143Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1030180",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX140651"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-01T11:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1030180",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX140651"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2882",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1030180",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030180"
},
{
"name": "http://support.citrix.com/article/CTX140651",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX140651"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2882",
"datePublished": "2014-05-01T14:00:00.000Z",
"dateReserved": "2014-04-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:28:46.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2767 (GCVE-0-2013-2767)
Vulnerability from cvelistv5 – Published: 2013-04-25 20:00 – Updated: 2024-09-17 00:26
VLAI
Summary
Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://support.citrix.com/article/ctx137238 | x_refsource_CONFIRM |
| http://www.kb.cert.org/vuls/id/521612 | third-party-advisoryx_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:33.642Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/ctx137238"
},
{
"name": "VU#521612",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/521612"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-04-25T20:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/ctx137238"
},
{
"name": "VU#521612",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/521612"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2767",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.citrix.com/article/ctx137238",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/ctx137238"
},
{
"name": "VU#521612",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/521612"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2767",
"datePublished": "2013-04-25T20:00:00.000Z",
"dateReserved": "2013-04-07T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:26:32.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2213 (GCVE-0-2009-2213)
Vulnerability from cvelistv5 – Published: 2009-06-25 21:00 – Updated: 2024-10-21 16:31
VLAI
Summary
The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and earlier specifies Allow for the Default Authorization Action option, which might allow remote authenticated users to bypass intended access restrictions.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/35422 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2009/1641 | vdb-entryx_refsource_VUPEN |
| http://support.citrix.com/article/CTX118770 | x_refsource_CONFIRM |
Date Public
2009-05-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:44:55.357Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netscaler-default-unauth-access(51274)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51274"
},
{
"name": "35422",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35422"
},
{
"name": "ADV-2009-1641",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1641"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX118770"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2009-2213",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-21T16:31:24.661375Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T16:31:37.448Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and earlier specifies Allow for the Default Authorization Action option, which might allow remote authenticated users to bypass intended access restrictions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netscaler-default-unauth-access(51274)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51274"
},
{
"name": "35422",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35422"
},
{
"name": "ADV-2009-1641",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1641"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX118770"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2213",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and earlier specifies Allow for the Default Authorization Action option, which might allow remote authenticated users to bypass intended access restrictions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netscaler-default-unauth-access(51274)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51274"
},
{
"name": "35422",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35422"
},
{
"name": "ADV-2009-1641",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1641"
},
{
"name": "http://support.citrix.com/article/CTX118770",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX118770"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2213",
"datePublished": "2009-06-25T21:00:00.000Z",
"dateReserved": "2009-06-25T00:00:00.000Z",
"dateUpdated": "2024-10-21T16:31:37.448Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}