CVE-2006-4846 — Citrix Access Gateway vulnerability

8 documents3 sources

Severity

6.5MEDIUMNVD

NVD5.1

EPSS

3.8%

top 11.90%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Citrix Access Gateway Citrix ADM Citrix Hypervisor +5 more

Timeline

PublishedSep 19

Latest updateMay 1

Description

Unspecified vulnerability in Citrix Access Gateway with Advanced Access Control (AAC) 4.2 before 20060914, when AAC is configured to use LDAP authentication, allows remote attackers to bypass authentication via unknown vectors.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages8 packages

▶NVDcitrix/access_gateway4.0, 4.2+1

▶citrixcitrix/netscaler_gateway

▶citrixcitrix/xenserver

▶citrixcitrix/citrix_adm

▶citrixcitrix/netscaler_adc

Patches

Patch: secunia.com ↗Patch: securitytracker.com ↗Patch: support.citrix.com ↗

🔴Vulnerability Details

GHSA

GHSA-rv56-6633-c83p: Unspecified vulnerability in Citrix Advanced Access Control (AAC) Option 4↗2022-05-01

▶

GHSA

GHSA-372j-ghp3-gx46: Unspecified vulnerability in Citrix Access Gateway with Advanced Access Control (AAC) 4↗2022-05-01

▶

📋Vendor Advisories

Citrix

CVE-2006-6572: Unspecified vulnerability in Citrix Advanced Access Control (AAC) Option 4.0, and Access Gateway 4.2 with Advanced Access Control 4.2, before 20061114↗2006-12-15

▶

Citrix

CVE-2006-4846: Unspecified vulnerability in Citrix Access Gateway with Advanced Access Control (AAC) 4.2 before 20060914, when AAC is configured to use LDAP authenti↗2006-09-19

▶

Citrix

LDAP authentication vulnerability in Access Gateway Advanced Access Control↗

▶

Citrix

Citrix Security Bulletin CTX110439↗

▶