CVE-2019-11550Improper Certificate Validation in Citrix Netscaler Sd-wan

CWE-295Improper Certificate Validation4 documents3 sources
Severity
5.9MEDIUMNVD
EPSS
0.1%
top 65.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Citrix Netscaler Sd-wanCitrix Sd-wanCitrix Sd-wan+2 more
Timeline
PublishedMay 8
Latest updateMay 24

Description

Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper Certificate Validation.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages6 packages

NVDcitrix/netscaler_sd-wan10.0.010.0.7+1
NVDcitrix/sd-wan10.2.010.2.1+1
citrixcitrix/sd-wan

Patches

Patch: support.citrix.comPatch: support.citrix.com

🔴Vulnerability Details

1
GHSA
GHSA-p53g-mf4j-5xxx: Citrix SD-WAN 102022-05-24

📋Vendor Advisories

2
Citrix
CVE-2019-11550: Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper Certificate Validation.2019-05-08
Citrix
CVE-2019-11550 - Citrix SD-WAN Security Update