Search Results (Refine Search)
- CPE Product Version: cpe:/o:citrix:netscaler_application_delivery_controller_firmware:10.5
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-6485 |
Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 allow remote attackers to obtain sensitive plaintext information because of a TLS Padding Oracle Vulnerability when CBC-based cipher suites are enabled. Published: February 22, 2019; 6:29:00 PM -0500 |
V3.0: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-6811 |
Multiple cross-site scripting (XSS) vulnerabilities in Citrix NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to inject arbitrary web script or HTML via the Citrix NetScaler interface. Published: March 06, 2018; 3:29:01 PM -0500 |
V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-6810 |
Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system via a crafted request. Published: March 06, 2018; 3:29:01 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-6809 |
NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to gain privilege on a target system. Published: March 06, 2018; 3:29:01 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2018-6808 |
NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system. Published: March 06, 2018; 3:29:01 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2016-9028 |
Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 135.8, 10.5 61.11, 11.0 65.31/65.35F and 11.1 47.14 allows a remote attacker to steal session cookies of a legitimate AAA user via manipulation of Host header. Published: October 28, 2016; 11:59:20 AM -0400 |
V3.0: 8.8 HIGH V2.0: 5.8 MEDIUM |
CVE-2015-7998 |
The administration UI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allows attackers to obtain sensitive information via unspecified vectors. Published: November 17, 2015; 10:59:20 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2015-7997 |
Multiple cross-site scripting (XSS) vulnerabilities in the Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: November 17, 2015; 10:59:19 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-7996 |
The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow attackers to obtain credentials via the browser cache. Published: November 17, 2015; 10:59:17 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2015-6672 |
Cross-site scripting (XSS) vulnerability in the Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: September 17, 2015; 12:59:04 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-5538 |
Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allow remote attackers to gain privileges via unknown vectors, related to the (1) Command Line Interface (CLI) and the (2) Web User Interface (UI). Published: September 17, 2015; 12:59:02 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2015-5080 |
The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.1.132.8, 10.5 before Build 56.15, and 10.5.e before Build 56.1505.e allows remote authenticated users to execute arbitrary shell commands via shell metacharacters in the filter parameter to rapi/ipsec_logs. Published: July 16, 2015; 10:59:05 AM -0400 |
V3.x:(not available) V2.0: 9.0 HIGH |
CVE-2015-2829 |
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.5 Build 53.9 through 55.8 and 10.5.e Build 53-9010.e allow remote attackers to cause a denial of service (reboot) via unspecified vectors. Published: May 12, 2015; 3:59:16 PM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2014-7140 |
Unspecified vulnerability in the management interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.x before 10.1-129.11 and 10.5 before 10.5-50.10 allows remote attackers to execute arbitrary code via unknown vectors. Published: October 21, 2014; 10:55:04 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |