← Back

CVE-2017-14602

nvd nist
Published: Sep 26, 2017Modified: May 13, 2026

JSON object

Loading...
7.2
Vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.2 / Impact: 5.9
Source: NVD

Description

A vulnerability has been identified in the management interface of Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before build 135.18, 10.5 before build 66.9, 10.5e before build 60.7010.e, 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13 (except for build 41.24) that, if exploited, could allow an attacker with access to the NetScaler management interface to gain administrative access to the appliance.

Affected (12)

Citrix
2 products
Application Delivery Controller Firmware
Netscaler Gateway Firmware
Configuration A
12 vulnerable
Vulnerable SoftwareAffected Versions
Citrix
Application Delivery Controller Firmware
Version 10.1
Application Delivery Controller Firmware
Version 10.5
Application Delivery Controller Firmware
Version 10.5e
Application Delivery Controller Firmware
Version 11.0
Application Delivery Controller Firmware
Version 11.1
Application Delivery Controller Firmware
Version 12.0
Citrix
Netscaler Gateway Firmware
Version 10.1
Netscaler Gateway Firmware
Version 10.5
Netscaler Gateway Firmware
Version 10.5e
Netscaler Gateway Firmware
Version 11.0
Netscaler Gateway Firmware
Version 11.1
Netscaler Gateway Firmware
Version 12.0

Related CWEs

CWE-287
Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (6)

Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
MitigationPatchVendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.