CVE-2014-8580
published 2014-11-07CVE-2014-8580: Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before…
PriorityP424medium4.9CVSS 2.0
AVNACMAuSCPIPAN
EPSS
1.51%
71.3th percentile
Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified configurations, allows remote authenticated users to access "network resources" of other users via unknown vectors.
Affected
30 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | application_delivery_controller | — | — |
| citrix | citrix_netscaler_adc | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_adc_gateway | — | — |
| citrix | netscaler_application_delivery_controller_firmware | — | — |
| citrix | netscaler_application_delivery_controller_firmware | — | — |
| citrix | netscaler_application_delivery_controller_firmware | — | — |
| citrix | netscaler_application_delivery_controller_firmware | — | — |
| citrix | netscaler_application_delivery_controller_firmware | — | — |
| citrix | netscaler_application_delivery_controller_firmware | — | — |
| citrix | netscaler_application_delivery_controller_firmware | — | — |
| citrix | netscaler_application_delivery_controller_firmware | — | — |
| citrix | netscaler_application_delivery_controller_firmware | — | — |
| citrix | netscaler_application_delivery_controller_firmware | — | — |
| citrix | netscaler_application_delivery_controller_firmware | — | — |
| citrix | netscaler_application_delivery_controller_firmware | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | netscaler_gateway_firmware | — | — |
| citrix | netscaler_gateway_firmware | — | — |
| citrix | netscaler_gateway_firmware | — | — |
| citrix | netscaler_gateway_firmware | — | — |
| citrix | netscaler_gateway_firmware | — | — |
| citrix | netscaler_gateway_firmware | — | — |
| citrix | netscaler_gateway_firmware | — | — |
| citrix | netscaler_gateway_firmware | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Citrix
CVE-2014-8580: Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316
vendor_citrix·2014-11-07·CVSS 4.9
CVE-2014-8580 [MEDIUM] CWE-264 CVE-2014-8580: Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316
CVE-2014-8580: Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified configurations, allows remote authenticated users to access "network resources" of other users via unknown vectors.
Citrix
CVE-2014-8580 - Authentication Flaw in Citrix NetScaler Application Delivery Controller and NetScaler Gateway Could Result in Unauthorised Access to Network Resources
vendor_citrix·CVSS 4.9
CVE-2014-8580 [MEDIUM] CVE-2014-8580 - Authentication Flaw in Citrix NetScaler Application Delivery Controller and NetScaler Gateway Could Result in Unauthorised Access to Network Resources
CVE-2014-8580 - Authentication Flaw in Citrix NetScaler Application Delivery Controller and NetScaler Gateway Could Result in Unauthorised Access to Network Resources
of Problem An authentication flaw has been identified in certain configurations of Citrix NetScaler ADC and NetScaler Gateway that could allow an authenticated user to obtain unauthorised access to network resources for another authenticated user. This flaw affects the following versions of Citrix NetScaler ADC and NetScaler Gateway: Version 10.5.x between 10.5.50.10 and 10.5.51.10 Version 10.1.x between 10.1.122.17 and 10.1.128.8 Version 10.1.x “Enhanced” between 10.1-120.1316.e and 10.1-128.8003.e This flaw has been assigned the following CVE number: CVE-2014-8580: Authentication Flaw in Citrix NetScaler Application Delive
GHSA
GHSA-xxmm-334r-gmx7: Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10
ghsa_unreviewed·2022-05-17
CVE-2014-8580 [MEDIUM] GHSA-xxmm-334r-gmx7: Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10
Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified configurations, allows remote authenticated users to access "network resources" of other users via unknown vectors.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/62114http://support.citrix.com/article/CTX200254http://www.securitytracker.com/id/1031212https://exchange.xforce.ibmcloud.com/vulnerabilities/98661http://secunia.com/advisories/62114http://support.citrix.com/article/CTX200254http://www.securitytracker.com/id/1031212https://exchange.xforce.ibmcloud.com/vulnerabilities/98661
2014-11-07
Published