CVE-2015-5538 - OpenCVE

Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allow remote attackers to gain privileges via unknown vectors, related to the (1) Command Line Interface (CLI) and the (2) Web User Interface (UI).

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Citrix	Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware

Configuration 1 [-]

OR	cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1:::::::*
	cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5:::::::*
	cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5e:::::::*
	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1:::::::*
	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5:::::::*
	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5e:::::::*

No data.

References

Link	Providers
http://support.citrix.com/article/CTX201334
http://www.securitytracker.com/id/1033618

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2015-09-17T16:00:00

Updated: 2024-08-06T06:50:02.816Z

Reserved: 2015-07-17T00:00:00

Link: CVE-2015-5538

Vulnrichment

No data.

NVD

Status : Modified

Published: 2015-09-17T16:59:02.730

Modified: 2016-12-22T03:00:01.103

Link: CVE-2015-5538

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-06-26T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allow remote attackers to gain privileges via unknown vectors, related to the (1) Command Line Interface (CLI) and the (2) Web User Interface (UI)."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-20T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1033618", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1033618"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.citrix.com/article/CTX201334"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-5538", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allow remote attackers to gain privileges via unknown vectors, related to the (1) Command Line Interface (CLI) and the (2) Web User Interface (UI)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1033618", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033618"}, {"name": "http://support.citrix.com/article/CTX201334", "refsource": "CONFIRM", "url": "http://support.citrix.com/article/CTX201334"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T06:50:02.816Z"}, "title": "CVE Program Container", "references": [{"name": "1033618", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1033618"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.citrix.com/article/CTX201334"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-5538", "datePublished": "2015-09-17T16:00:00", "dateReserved": "2015-07-17T00:00:00", "dateUpdated": "2024-08-06T06:50:02.816Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "FD151FA3-8B96-48AF-B908-C29EAE88EF5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "D8C7525B-2A2D-43AF-8DA0-11FF28322337", "vulnerable": true}, {"criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5e:*:*:*:*:*:*:*", "matchCriteriaId": "0EE0A709-2C34-495C-85F1-9DEE8DD58BE7", "vulnerable": true}, {"criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "A254925E-AD47-4722-AAB2-43A6FEA900AC", "vulnerable": true}, {"criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "7E0FA8E2-3E8F-481E-8C39-FB00A9739DFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5e:*:*:*:*:*:*:*", "matchCriteriaId": "4C6A8316-7943-4951-8FB7-A14D0FAB8F3E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allow remote attackers to gain privileges via unknown vectors, related to the (1) Command Line Interface (CLI) and the (2) Web User Interface (UI)."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades no especificadas en Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway en versiones anteriores a 10.1 Build 132.8, 10.5 en versiones anteriores a Build 57.7 y 10.5e en versiones anteriores a Build 56.1505.e, permite a atacantes remotos obtener privilegios a trav\u00e9s de vectores no especificados, relacionado con la (1) Command Line Interface (CLI) y (2) Web User Interface (UI)."}], "id": "CVE-2015-5538", "lastModified": "2016-12-22T03:00:01.103", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-09-17T16:59:02.730", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://support.citrix.com/article/CTX201334"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1033618"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}