cbcvebase.
CVE-2021-22919
published 2021-08-05

CVE-2021-22919: A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN…

PriorityP434high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.94%
56.5th percentile
A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to the limited available disk space on the appliances being fully consumed.

Affected

21 ranges
VendorProductVersion rangeFixed in
citrixapplication_delivery_controller_firmware>= 11.1 < 11.1-65.2211.1-65.22
citrixapplication_delivery_controller_firmware>= 12.1 < 12.1-62.2712.1-62.27
citrixapplication_delivery_controller_firmware>= 12.1 < 12.1-55.23812.1-55.238
citrixapplication_delivery_controller_firmware>= 13.0 < 13.0-82.4513.0-82.45
citrixcitrix_adc
citrixcitrix_application_delivery_controller
citrixcitrix_gateway
citrixcitrix_sd-wan_wanop
citrixgateway>= 12.1 < 12.1-62.2712.1-62.27
citrixgateway>= 13.0 < 13.0-82.4513.0-82.45
citrixnetscaler_adc
citrixnetscaler_adc_gateway
citrixnetscaler_gateway
citrixnetscaler_gateway>= 11.1 < 11.1-65.2211.1-65.22
citrixsd-wan
citrixsd-wan_wanop>= 10.2 < 10.2.9.b10.2.9.b
citrixsd-wan_wanop>= 11.2 < 11.2.3.b11.2.3.b
citrixsd-wan_wanop>= 11.3 < 11.3.2.a11.3.2.a
citrixsd-wan_wanop>= 11.4 < 11.4.0.a11.4.0.a
citrixworkspace
citrixxenserver

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.