CVE-2007-4018 — Citrix Access Gateway vulnerability

5 documents3 sources

Severity

6.8MEDIUMNVD

EPSS

0.9%

top 25.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Citrix Access Gateway Citrix ADM Citrix Hypervisor +5 more

Timeline

PublishedJul 26

Latest updateMay 1

Description

Citrix Access Gateway Advanced Edition before firmware 4.5.5 allows attackers to redirect users to arbitrary web sites and conduct phishing attacks via unknown vectors.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages8 packages

▶NVDcitrix/access_gateway4.5

▶citrixcitrix/netscaler_gateway

▶citrixcitrix/xenserver

▶citrixcitrix/citrix_adm

▶citrixcitrix/netscaler_adc

Patches

Patch: secunia.com ↗Patch: support.citrix.com ↗Patch: support.citrix.com ↗

🔴Vulnerability Details

GHSA

GHSA-8f3c-mh5h-xmx7: Citrix Access Gateway Advanced Edition before firmware 4↗2022-05-01

▶

📋Vendor Advisories

Citrix

CVE-2007-4018: Citrix Access Gateway Advanced Edition before firmware 4.5.5 allows attackers to redirect users to arbitrary web sites and conduct phishing attacks vi↗2007-07-26

▶

Citrix

Citrix Security Bulletin CTX114028↗

▶

Citrix

Citrix Security Bulletin CTX113816↗

▶