← Back

CVE-2019-18225

nvd nist
Published: Oct 21, 2019Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9, 12.0 before build 62.10, 12.1 before build 54.16, and 13.0 before build 41.28. An attacker with management-interface access can bypass authentication to obtain appliance administrative access. These products formerly used the NetScaler brand name.

Affected (10)

Citrix
3 products
Application Delivery Controller Firmware
Netscaler Gateway Firmware
Gateway Firmware
Configuration A
5 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Citrix
Application Delivery Controller Firmware
Version 10.5
Application Delivery Controller Firmware
Version 11.1
Application Delivery Controller Firmware
Version 12.0
Application Delivery Controller Firmware
Version 12.1
Application Delivery Controller Firmware
Version 13.0
Running on/withPlatform Versions
Citrix
Application Delivery Controller
All versions
Configuration B
4 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Citrix
Netscaler Gateway Firmware
Version 10.5
Netscaler Gateway Firmware
Version 11.1
Netscaler Gateway Firmware
Version 12.0
Netscaler Gateway Firmware
Version 12.1
Running on/withPlatform Versions
Citrix
Netscaler Gateway
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Gateway Firmware
Version 13.0
Running on/withPlatform Versions
Citrix
Gateway
All versions

References (2)

Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.