Credential Exposure in Citrix NetScaler ADC and Gateway Due to Browser Cache Vulnerability
CVE-2015-7996

Currently unrated

Key Information:

Vendor: Citrix
Status: Netscaler Application Delivery Controller Firmware
Vendor: CVE Published:; 17 November 2015

Summary

The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway versions prior to specific builds have a vulnerability that allows attackers to access sensitive credentials due to improper handling of browser cache data. Exploitation of this vulnerability exposes user credentials, posing a significant risk to system security and requiring immediate attention from affected users to mitigate potential unauthorized access.

References

http://www.securitytracker.com/id/1034167

vdb-entryx_refsource_SECTRACK

http://support.citrix.com/article/CTX202482

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 17, 2015
Vulnerability Reserved
Oct 28, 2015