Diffie-Hellman Key Agreement Vulnerability in Citrix NetScaler Products
CVE-2014-2881

Currently unrated

Key Information:

Vendor: Citrix
Status: Netscaler Access Gateway Firmware; Netscaler Application Delivery Controller Firmware; Netscaler Application Delivery Controller
Vendor: CVE Published:; 1 May 2014

Summary

An unspecified vulnerability has been found in the Diffie-Hellman key agreement implementation within the management GUI Java applet of Citrix's NetScaler Application Delivery Controller and NetScaler Gateway. This defect affects versions released prior to 9.3-66.5 for ADC and 10.1-122.17 for Gateway. As a result, the security impact and potential attack vectors remain unidentified, raising concerns about the confidentiality and integrity of data transmitted using this protocol.

References

http://www.securitytracker.com/id/1030180

vdb-entryx_refsource_SECTRACK

http://support.citrix.com/article/CTX140651

x_refsource_CONFIRM

Timeline

Vulnerability published
May 1, 2014
Vulnerability Reserved
Apr 17, 2014