CVE-2009-2213

6.5MEDIUM

Key Information:

Vendor
Citrix
Status
Netscaler Access Gateway Firmware
Netscaler Access Gateway
Vendor
CVE Published:
25 June 2009

Summary

The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and earlier specifies Allow for the Default Authorization Action option, which might allow remote authenticated users to bypass intended access restrictions.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/51274
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/35422
vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2009/1641
vdb-entryx_refsource_VUPEN

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.