CVE-2017-7219

Published: Apr 13, 2017Modified: May 13, 2026

8.8

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 before 135.8/135.12, 10.5 before 65.11, 11.0 before 70.12, and 11.1 before 52.13 allows a remote authenticated attacker to run arbitrary commands via unspecified vectors.

Affected (4)

Products: Citrix: Netscaler Gateway Firmware

1 product

Netscaler Gateway Firmware

Configuration A

4 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Citrix Netscaler Gateway Firmware	Version 10.1
Citrix Netscaler Gateway Firmware	Version 10.5
Citrix Netscaler Gateway Firmware	Version 11.0
Citrix Netscaler Gateway Firmware	Version 11.1

Running on/with	Platform Versions
Citrix Netscaler Gateway	All versions

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (6)

http://www.securityfocus.com/bid/97626

Source: cve@mitre.org

Third Party AdvisoryVendor Advisory

http://www.securitytracker.com/id/1038283

Source: cve@mitre.org

https://support.citrix.com/article/CTX222657

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/97626

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVendor Advisory

http://www.securitytracker.com/id/1038283

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.citrix.com/article/CTX222657

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.