⚠ Actively exploited
Added to CISA KEV on 2022-03-25. Federal agencies required to patch by 2022-04-15. Required action: Apply updates per vendor instructions..

CVE-2019-12989SQL Injection in Citrix Netscaler Sd-wan

CWE-89SQL Injection12 documents9 sources
Severity
9.8CRITICALNVD
EPSS
91.6%
top 0.32%
CISA KEV
KEV
Added 2022-03-25
Due 2022-04-15
Exploit
Exploited in wild
Active exploitation observed
Affected products
5
Citrix Netscaler Sd-wanCitrix Sd-wanCitrix Sd-wan+2 more
Timeline
PublishedJul 16
KEV addedMar 25
KEV dueApr 15
Latest updateMay 24
CISA Required Action: Apply updates per vendor instructions.

Description

Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages6 packages

NVDcitrix/netscaler_sd-wan10.0.010.0.8
NVDcitrix/sd-wan10.2.010.2.3
citrixcitrix/sd-wan

🔴Vulnerability Details

2
GHSA
GHSA-9q4p-22w8-h32x: Citrix SD-WAN 102022-05-24
VulnCheck
Citrix SD-WAN and NetScaler SQL Injection Vulnerability2019

💥Exploits & PoCs

2
Exploit-DB
Citrix SD-WAN Appliance 10.2.2 - Authentication Bypass / Remote Command Execution2019-07-12
Nuclei
Citrix SD-WAN and NetScaler SD-WAN - SQL Injection

📋Vendor Advisories

3
CISA
Citrix SD-WAN and NetScaler SQL Injection Vulnerability2022-03-25
Citrix
CVE-2019-12989: Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection.2019-07-16
Citrix
Citrix SD-WAN Multiple Security Updates

🕵️Threat Intelligence

4
Unit42
Mirai Variant ECHOBOT Resurfaces with 13 Previously Unexploited Vulnerabilities2019-12-13
Unit42
Mirai Variant ECHOBOT Resurfaces with 13 Previously Unexploited Vulnerabilities2019-12-13
Tenable
Multiple Vulnerabilities Found in Citrix SD-WAN Center and SD-WAN Appliances2019-07-11
Tenable
Citrix SD-WAN Appliance Multiple Vulnerabilities2019-07-02