Information Disclosure in Citrix NetScaler ADC and Gateway
CVE-2014-4347

Currently unrated

Key Information:

Vendor: Citrix
Status: Netscaler Access Gateway Firmware; Netscaler Access Gateway
Vendor: CVE Published:; 16 July 2014

Summary

Citrix NetScaler Application Delivery Controller and NetScaler Gateway have a vulnerability that allows attackers to access sensitive information through exploiting weaknesses in cookie management. This weakness targets specific versions of the products, which may expose user data and session identifiers, leading to potential unauthorized access. Proper configurations and updates are essential to mitigate these risks and enhance the security posture of affected systems.

References

https://www.sec-consult.com/fxdata/seccons/prod/temedia/a...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/94494

vdb-entryx_refsource_XF

http://www.securitytracker.com/id/1030573

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Jul 16, 2014
Vulnerability Reserved
Jun 20, 2014