Citrix Netscaler Application Delivery Controller Firmware vulnerabilities
29 known vulnerabilities affecting citrix/netscaler_application_delivery_controller_firmware.
Total CVEs
29
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL6HIGH7MEDIUM16
Vulnerabilities
Page 2 of 2
CVE-2015-7996P4MEDIUMCVSS 5.0v10.1v10.52015-11-17
CVE-2015-7996 [MEDIUM] CWE-200 CVE-2015-7996: The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before
The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow attackers to obtain credentials via the browser cache.
nvd
CVE-2013-6939P4MEDIUMCVSS 5.0v9.3\(1\)v9.3.e+2 more2014-03-11
CVE-2013-6939 [MEDIUM] CVE-2013-6939: Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3
Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to "RADIUS authentication."
nvd
CVE-2013-6938P4MEDIUMCVSS 5.0v9.3\(1\)v9.3.e+2 more2014-03-11
CVE-2013-6938 [MEDIUM] CVE-2013-6938: Unspecified vulnerability in the Service VM in Citrix NetScaler SDX 9.3 before 9.3-64.4 and 10.0 bef
Unspecified vulnerability in the Service VM in Citrix NetScaler SDX 9.3 before 9.3-64.4 and 10.0 before 10.0-77.5 and Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to the "Virtual Machine Daemon."
nvd
CVE-2013-6940P4MEDIUMCVSS 5.0v9.3\(1\)v9.3.e+2 more2014-03-11
CVE-2013-6940 [MEDIUM] CWE-255 CVE-2013-6940: Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5,
Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 logs user credentials, which allows attackers to obtain sensitive information via unspecified vectors.
nvd
CVE-2015-7998P4MEDIUMCVSS 5.0v10.1v10.52015-11-17
CVE-2015-7998 [MEDIUM] CWE-200 CVE-2015-7998: The administration UI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gatewa
The administration UI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allows attackers to obtain sensitive information via unspecified vectors.
nvd
CVE-2014-4346P4MEDIUMCVSS 4.3v10.12014-07-16
CVE-2014-4346 [MEDIUM] CWE-79 CVE-2014-4346: Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Applic
Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2013-6944P4MEDIUMCVSS 4.3v9.3\(1\)v9.3.e+2 more2014-03-11
CVE-2013-6944 [MEDIUM] CWE-79 CVE-2013-6944: Cross-site scripting (XSS) vulnerability in the user interface in the AAA TM vServer in Citrix NetSc
Cross-site scripting (XSS) vulnerability in the user interface in the AAA TM vServer in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2015-7997P4MEDIUMCVSS 4.3v10.1v10.52015-11-17
CVE-2015-7997 [MEDIUM] CWE-79 CVE-2015-7997: Multiple cross-site scripting (XSS) vulnerabilities in the Nitro API in Citrix NetScaler Application
Multiple cross-site scripting (XSS) vulnerabilities in the Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow remote attackers to inject arbitrary web script or
nvd
CVE-2015-6672P4MEDIUMCVSS 4.3v10.1v10.5+1 more2015-09-17
CVE-2015-6672 [MEDIUM] CWE-79 CVE-2015-6672: Cross-site scripting (XSS) vulnerability in the Administrative Web Interface in Citrix NetScaler App
Cross-site scripting (XSS) vulnerability in the Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
← Previous2 / 2