LDAP Injection Vulnerability in Citrix NetScaler Application Delivery Controller
CVE-2013-6943

Currently unrated

Key Information:

Vendor: Citrix
Status: Netscaler Application Delivery Controller Firmware
Vendor: CVE Published:; 11 March 2014

Summary

The Citrix NetScaler Application Delivery Controller contains a vulnerability that permits remote attackers to exploit LDAP injection through improper handling of SSH and web management usernames. This security flaw can be leveraged to manipulate LDAP queries, potentially allowing unauthorized access and data extraction from the LDAP server. Organizations using affected versions should apply the necessary patches promptly to protect against potential unauthorized access and ensure the integrity of their user data.

References

http://support.citrix.com/article/CTX139049

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 11, 2014
Vulnerability Reserved
Dec 4, 2013