cbcvebase.
CVE-2019-18177
published 2022-12-26

CVE-2019-18177: In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects…

PriorityP434medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
0.58%
43.2th percentile
In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects Citrix ADC and Citrix Gateway 13.0-58.30 and later releases before the CTX276688 update.

Affected

10 ranges
VendorProductVersion rangeFixed in
citrixapplication_delivery_controller_firmware< 13.0-58.3013.0-58.30
citrixcitrix_adc
citrixcitrix_application_delivery_controller
citrixcitrix_gateway
citrixcitrix_sd-wan_wanop
citrixgateway< 13.0-58.3013.0-58.30
citrixnetscaler_adc
citrixnetscaler_gateway
citrixsd-wan
citrixxenserver
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.