National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/h:citrix:netscaler_application_delivery_controller:-
There are 14 matching records.
Vuln ID Summary CVSS Severity
CVE-2019-12044

A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23 and Citrix Application Delivery Controller 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23.

Published: May 22, 2019; 12:29:01 PM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-6485

Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 allow remote attackers to obtain sensitive plaintext information because of a TLS Padding Oracle Vulnerability when CBC-based cipher suites are enabled.

Published: February 22, 2019; 06:29:00 PM -05:00
V3: 5.9 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-6810

Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system via a crafted request.

Published: March 06, 2018; 03:29:01 PM -05:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2018-6809

NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to gain privilege on a target system.

Published: March 06, 2018; 03:29:01 PM -05:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2018-6808

NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system.

Published: March 06, 2018; 03:29:01 PM -05:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2015-3642

The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with firmware 9.x before 9.3 Build 68.5, 10.0 through Build 78.6, 10.1 before Build 130.13, 10.1.e before Build 130.1302.e, 10.5 before Build 55.8, and 10.5.e before Build 55.8007.e makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).

Published: August 02, 2017; 03:29:00 PM -04:00
V3: 5.9 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-9028

Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 135.8, 10.5 61.11, 11.0 65.31/65.35F and 11.1 47.14 allows a remote attacker to steal session cookies of a legitimate AAA user via manipulation of Host header.

Published: October 28, 2016; 11:59:20 AM -04:00
V3: 8.8 HIGH
V2: 5.8 MEDIUM
CVE-2016-2072

The Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, 10.5.e before Build 59.1305.e, and 10.1 allows remote attackers to conduct clickjacking attacks via unspecified vectors.

Published: February 17, 2016; 10:59:05 AM -05:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-2071

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, and 10.5.e before Build 59.1305.e allows remote attackers to gain privileges via unspecified NS Web GUI commands.

Published: February 17, 2016; 10:59:04 AM -05:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2014-4347

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain sensitive information via vectors related to a cookie.

Published: July 16, 2014; 10:19:04 AM -04:00
V2: 5.0 MEDIUM
CVE-2014-4346

Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: July 16, 2014; 10:19:03 AM -04:00
V2: 4.3 MEDIUM
CVE-2014-2882

Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation.

Published: May 01, 2014; 01:28:36 PM -04:00
V2: 10.0 HIGH
CVE-2014-2881

Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors.

Published: May 01, 2014; 01:28:36 PM -04:00
V2: 10.0 HIGH
CVE-2013-6011

Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service (nsconfigd crash and appliance reboot) via a crafted request.

Published: October 04, 2013; 01:55:10 PM -04:00
V2: 7.8 HIGH