VYPR
Unrated severityNVD Advisory· Published Nov 12, 2024· Updated Nov 21, 2024

Authenticated user can access unintended user capabilities

CVE-2024-8535

Description

Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources

Affected products

3
  • Netscaler/ADCllm-fuzzy
  • NetScaler/NetScaler ADCv5
    Range: 14.1
  • NetScaler/NetScaler Gatewayv5
    Range: 14.1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.