CVE-2018-7218 — Citrix Application Delivery Controller Firmware vulnerability

4 documents3 sources

Severity

9.8CRITICALNVD

EPSS

5.9%

top 9.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Citrix Application Delivery Controller Firmware Citrix Netscaler Gateway Firmware Citrix ADM +7 more

Timeline

PublishedMay 17

Latest updateMay 14

Description

The AppFirewall functionality in Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5 before Build 68.7, 11.0 before Build 71.24, 11.1 before Build 58.13, and 12.0 before Build 57.24 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages10 packages

▶citrixcitrix/netscaler_gateway

▶citrixcitrix/netscaler_adc_gateway

▶NVDcitrix/netscaler_gateway_firmware4 versions+3

▶NVDcitrix/application_delivery_controller_firmware4 versions+3

▶citrixcitrix/netscaler_adc

🔴Vulnerability Details

GHSA

GHSA-wqj6-wrmm-v5j3: The AppFirewall functionality in Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10↗2022-05-14

▶

📋Vendor Advisories

Citrix

CVE-2018-7218: The AppFirewall functionality in Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5 before Build 68.7, 11.0 before Build 71.2↗2018-05-17

▶

Citrix

Citrix Security Bulletin CTX234869↗

▶