CVE-2007-4017 — Citrix Access Gateway vulnerability

6 documents4 sources

Severity

7.6HIGHNVD

EPSS

3.6%

top 12.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Citrix Access Gateway Citrix ADM Citrix Hypervisor +5 more

Timeline

PublishedJul 26

Latest updateMay 1

Description

Cross-site request forgery (CSRF) vulnerability in the web-based administration console in Citrix Access Gateway before firmware 4.5.5 allows remote attackers to perform certain configuration changes as administrators.

CVSS vector

AV:N/AC:H/C:C/I:C/A:CExploitability: 4.9 | Impact: 10.0

Affected Packages8 packages

▶NVDcitrix/access_gateway4.5

▶citrixcitrix/netscaler_gateway

▶citrixcitrix/xenserver

▶citrixcitrix/citrix_adm

▶citrixcitrix/netscaler_adc

Patches

Patch: secunia.com ↗Patch: support.citrix.com ↗Patch: support.citrix.com ↗

🔴Vulnerability Details

GHSA

GHSA-g35q-w93f-4c48: Cross-site request forgery (CSRF) vulnerability in the web-based administration console in Citrix Access Gateway before firmware 4↗2022-05-01

▶

💥Exploits & PoCs

Exploit-DB

Acoustica MP3 CD Burner 4.51 Build 147 - '.asx' Local Buffer Overflow↗2008-08-29

▶

📋Vendor Advisories

Citrix

CVE-2007-4017: Cross-site request forgery (CSRF) vulnerability in the web-based administration console in Citrix Access Gateway before firmware 4.5.5 allows remote a↗2007-07-26

▶

Citrix

Citrix Security Bulletin CTX113817↗

▶

Citrix

Citrix Security Bulletin CTX114028↗

▶