CVE-2014-4347Sensitive Information Exposure in Citrix Netscaler Access Gateway Firmware

CWE-200Sensitive Information Exposure4 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
1.0%
top 23.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
10
Citrix Netscaler Access Gateway FirmwareCitrix Netscaler Application Delivery Controller FirmwareCitrix ADM+7 more
Timeline
PublishedJul 16
Latest updateMay 14

Description

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain sensitive information via vectors related to a cookie.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages10 packages

🔴Vulnerability Details

1
GHSA
GHSA-qmw2-rrv5-2qxg: Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 92022-05-14

📋Vendor Advisories

2
Citrix
CVE-2014-4347: Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x bef2014-07-16
Citrix
Citrix Security Bulletin CTX140863