Management Interface Vulnerability in Citrix NetScaler Application Delivery Controller and Gateway
CVE-2017-14602

7.2HIGH

Key Information:

Vendor
Citrix
Status
Netscaler Gateway Firmware
Application Delivery Controller Firmware
Vendor
CVE Published:
26 September 2017

Summary

A vulnerability exists in the management interface of Citrix NetScaler Application Delivery Controller and NetScaler Gateway, allowing unauthorized users to gain administrative access. This flaw impacts various versions of the products, potentially putting the system at risk when exploited. Affected builds include 10.1, 10.5, 10.5e, 11.0, 11.1, and 12.0, with specific exclusions for build 41.24. It is crucial for users to update their systems to mitigate the risk associated with this vulnerability.

References

https://support.citrix.com/article/CTX228091
x_refsource_CONFIRM
https://support.citrix.com/article/CTX227928
x_refsource_CONFIRM
http://www.securityfocus.com/bid/100980
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.