CVE-2013-6011 — Improper Input Validation in Citrix Netscaler Application Delivery Controller Firmware

CWE-20 — Improper Input Validation3 documents3 sources

Severity

7.8HIGHNVD

EPSS

0.6%

top 29.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Citrix Netscaler Application Delivery Controller Firmware Citrix Netscaler ADC Gateway

Timeline

PublishedOct 4

Latest updateMay 17

Description

Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service (nsconfigd crash and appliance reboot) via a crafted request.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

▶NVDcitrix/netscaler_application_delivery_controller_firmware10.0, 10.0.e+1

▶citrixcitrix/netscaler_adc_gateway

🔴Vulnerability Details

GHSA

GHSA-r684-2vx5-8472: Citrix NetScaler Application Delivery Controller (ADC) 10↗2022-05-17

▶

📋Vendor Advisories

Citrix

CVE-2013-6011: Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service (nsconfigd crash and↗2013-10-04

▶