Security Configuration Flaw in Citrix NetScaler Access Gateway Appliance
CVE-2009-2213

6.5 MEDIUM

Key Information:

Vendor: Citrix
CVE Published: 25 June 2009

Summary

A security configuration issue exists in the Citrix NetScaler Access Gateway Appliance: in the Security global settings, the Default Authorization Action defaults to 'Allow'. This default may let remote authenticated users bypass intended access restrictions, potentially compromising sensitive data and the integrity of the network. Users are urged to review and modify their settings to prevent unauthorized access.

CVSS V3.1

Score: 6.5
Severity: MEDIUM
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
