Filtered by vendor Citrix
Subscriptions
Filtered by product Application Delivery Controller Firmware
Subscriptions
Total
30 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-8198 | 1 Citrix | 11 4000-wo, 4100-wo, 5000-wo and 8 more | 2024-08-04 | 6.1 Medium |
| Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in Stored Cross-Site Scripting (XSS). | ||||
| CVE-2020-8193 | 1 Citrix | 11 4000-wo, 4100-wo, 5000-wo and 8 more | 2024-08-04 | 6.5 Medium |
| Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints. | ||||
| CVE-2021-22956 | 1 Citrix | 4 Application Delivery Controller, Application Delivery Controller Firmware, Gateway and 1 more | 2024-08-03 | 7.5 High |
| An uncontrolled resource consumption vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 that could allow an attacker with access to NSIP or SNIP with management interface access to cause a temporary disruption of the Management GUI, Nitro API, and RPC communication. | ||||
| CVE-2021-22927 | 1 Citrix | 16 Application Delivery Controller, Application Delivery Controller Firmware, Gateway and 13 more | 2024-08-03 | 8.1 High |
| A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when configured SAML service provider that could allow an attacker to hijack a session. | ||||
| CVE-2021-22955 | 1 Citrix | 3 Application Delivery Controller, Application Delivery Controller Firmware, Gateway | 2024-08-03 | 7.5 High |
| A unauthenticated denial of service vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 when configured as a VPN (Gateway) or AAA virtual server could allow an attacker to cause a temporary disruption of the Management GUI, Nitro API, and RPC communication. | ||||
| CVE-2021-22919 | 1 Citrix | 21 4000-wo, 4100-wo, 5000-wo and 18 more | 2024-08-03 | 7.5 High |
| A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to the limited available disk space on the appliances being fully consumed. | ||||
| CVE-2022-27518 | 1 Citrix | 4 Application Delivery Controller, Application Delivery Controller Firmware, Gateway and 1 more | 2024-08-03 | 9.8 Critical |
| Unauthenticated remote arbitrary code execution | ||||
| CVE-2022-27516 | 1 Citrix | 3 Application Delivery Controller, Application Delivery Controller Firmware, Gateway | 2024-08-03 | 5.3 Medium |
| User login brute force protection functionality bypass | ||||
| CVE-2022-27513 | 1 Citrix | 3 Application Delivery Controller, Application Delivery Controller Firmware, Gateway | 2024-08-03 | 8.3 High |
| Remote desktop takeover via phishing | ||||
| CVE-2022-27510 | 1 Citrix | 3 Application Delivery Controller, Application Delivery Controller Firmware, Gateway | 2024-08-03 | 9.8 Critical |
| Unauthorized access to Gateway user capabilities | ||||