Citrix SD-WAN vulnerabilities

34 known vulnerabilities affecting citrix/sd-wan.

Total CVEs: 34
CISA KEV: 3 actively exploited
Public exploits: 9
Exploited in wild: 3
Severity breakdown: CRITICAL 12, HIGH 12, MEDIUM 10

Vulnerabilities

CVE-2019-12991 | HIGH | CVSS 8.8 | KEV | PoC | ≥ 10.2.0, < 10.2.3 | 2019-07-16
CVE-2019-12991 [HIGH] CWE-78: Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 5 of 6).
nvd, citrix
CVE-2019-12992 | HIGH | CVSS 8.8 | ≥ 10.2, < 10.2.3 | 2019-07-16
CVE-2019-12992 [HIGH] CWE-78: Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 6 of 6).
nvd, citrix
CVE-2019-10883 | CRITICAL | CVSS 9.8 | 2019-06-03
CVE-2019-10883 [CRITICAL] Citrix SD-WAN Center Security Updates. A command injection vulnerability has been identified in the management console of Citrix SD-WAN Center and NetScaler SD-WAN Center. This vulnerability could allow an unauthenticated attacker with access to the management console to compromise the host. A low severity cross-site scripting (XSS) vulnerability has been identified in the management console of Citrix SD-WAN Center and Ne
citrix
CVE-2019-11550 | MEDIUM | CVSS 5.9 | ≥ 10.1.0, ≤ 10.1.2; ≥ 10.2.0, < 10.2.1 | 2019-05-08
CVE-2019-11550 [MEDIUM] CWE-295: Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper Certificate Validation.
nvd, citrix
CVE-2018-17446 | CRITICAL | CVSS 9.8 | v10.1.0 | 2018-10-23
CVE-2018-17446 [CRITICAL] CWE-89: A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
nvd, citrix
CVE-2018-17448 | CRITICAL | CVSS 9.8 | v10.1.0 | 2018-10-23
CVE-2018-17448 [CRITICAL]: An Incorrect Access Control issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
nvd, citrix
CVE-2018-17445 | CRITICAL | CVSS 9.8 | v10.1.0 | 2018-10-23
CVE-2018-17445 [CRITICAL] CWE-77: A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
nvd, citrix
CVE-2018-17447 | HIGH | CVSS 7.5 | v10.1.0 | 2018-10-23
CVE-2018-17447 [HIGH] CWE-532: An Information Exposure Through Log Files issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
nvd, citrix
CVE-2018-17444 | HIGH | CVSS 7.5 | v10.1.0 | 2018-10-23
CVE-2018-17444 [HIGH] CWE-22: A Directory Traversal issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
nvd, citrix
CVE-2018-5314 | HIGH | CVSS 7.5 | 2018-03-01
CVE-2018-5314 [HIGH] CWE-287: Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edi
citrix
CVE-2017-6316 | CRITICAL | CVSS 9.8 | KEV | PoC | 2017-07-20
CVE-2017-6316 [CRITICAL]: Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge (the former name of NetScaler SD-WAN) devices, the cookie name was CAKEPHP rather than CGISESSID. CISA KEV: A vulnerability has be
citrix
CVE-2021-22955 | HIGH | CVSS 7.5
CVE-2021-22955 [HIGH] CWE-400: Citrix Application Delivery Controller and Citrix Gateway Edition appliance Security Update. CVE References: CVE-2021-22955, CVE-2021-22956. Affected Products: Citrix ADC, Citrix Application Delivery Controller, Citrix Gateway, Citrix SD-WAN WANOP, NetScaler ADC, NetScaler Gateway, SD-WAN, XenServer. Severity: Critical
citrix
CVE-2012-2104 | MEDIUM | CVSS 6.8 | PoC
CVE-2012-2104 [MEDIUM] Citrix SD-WAN Multiple Security Updates. Multiple vulnerabilities have been identified in the management interface of Citrix NetScaler SD-WAN physical appliances and virtual appliances. Collectively these vulnerabilities could allow an unauthenticated attacker with access to the management interface to compromise the host. The vulnerabilities have been assigned the following CVE numbers. CVE-2018-17444 - Directory traversa
citrix
CVE-2022-27505 | MEDIUM | CVSS 6.1
CVE-2022-27505 [MEDIUM] CWE-79: Citrix SD-WAN Security Bulletin for CVE-2022-27505 and CVE-2022-27506. CVE References: CVE-2022-27505, CVE-2022-27506. Affected Products: Citrix SD-WAN, SD-WAN, XenServer. Severity: High. Remediation: as soon as possible. This issue has been addressed in the following supported Citrix SD-WAN versions: Citrix SD-WAN Standard/Premium Edition Appliance versions 11.4.3a and above CVE-2022-27506: C
citrix