VYPR
Get started
← All advisories
Medium severity6.5NVD Advisory· Published Jun 25, 2009· Updated Apr 23, 2026

CVE-2009-2213

CVE-2009-2213

Description

The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and earlier specifies Allow for the Default Authorization Action option, which might allow remote authenticated users to bypass intended access restrictions.

Affected products

5
  • Citrix Systems/Netscaler Access Gateway
    cpe:2.3:h:citrix:netscaler_access_gateway:-:-:enterprise:*:*:*:*:*
  • Citrix Systems/Netscaler Access Gateway Firmware4 versions
    cpe:2.3:o:citrix:netscaler_access_gateway_firmware:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:citrix:netscaler_access_gateway_firmware:*:*:*:*:*:*:*:*range: <=8.1
    • cpe:2.3:o:citrix:netscaler_access_gateway_firmware:7.0:*:*:*:*:*:*:*
    • cpe:2.3:o:citrix:netscaler_access_gateway_firmware:8.0:*:*:*:*:*:*:*
    • cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.0:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.