SD-WAN
CVEs (16)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-12989 | Cri | 0.86 | 9.8 | 0.94 | KEV | Jul 16, 2019 | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection. | |
| CVE-2019-12991 | Hig | 0.78 | 8.8 | 0.74 | KEV | Jul 16, 2019 | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 5 of 6). | |
| CVE-2019-12990 | Cri | 0.67 | 9.8 | 0.39 | Jul 16, 2019 | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal. | ||
| CVE-2019-12988 | Cri | 0.67 | 9.8 | 0.40 | Jul 16, 2019 | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6). | ||
| CVE-2019-12987 | Cri | 0.67 | 9.8 | 0.43 | Jul 16, 2019 | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6). | ||
| CVE-2019-12986 | Cri | 0.67 | 9.8 | 0.40 | Jul 16, 2019 | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6). | ||
| CVE-2019-12985 | Cri | 0.67 | 9.8 | 0.40 | Jul 16, 2019 | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6). | ||
| CVE-2018-17445 | Cri | 0.65 | 9.8 | 0.11 | Oct 23, 2018 | A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. | ||
| CVE-2018-17448 | Cri | 0.64 | 9.8 | 0.02 | Oct 23, 2018 | An Incorrect Access Control issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. | ||
| CVE-2018-17446 | Cri | 0.64 | 9.8 | 0.02 | Oct 23, 2018 | A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. | ||
| CVE-2019-12992 | Hig | 0.61 | 8.8 | 0.49 | Jul 16, 2019 | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 6 of 6). | ||
| CVE-2018-17447 | Hig | 0.49 | 7.5 | 0.02 | Oct 23, 2018 | An Information Exposure Through Log Files issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. | ||
| CVE-2018-17444 | Hig | 0.49 | 7.5 | 0.04 | Oct 23, 2018 | A Directory Traversal issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. | ||
| CVE-2020-6175 | Med | 0.38 | 5.9 | 0.01 | Mar 16, 2020 | Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation. | ||
| CVE-2019-11550 | Med | 0.38 | 5.9 | 0.01 | May 8, 2019 | Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper Certificate Validation. | ||
| CVE-2022-27506 | Low | 0.18 | 2.7 | 0.01 | Apr 13, 2022 | Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI |
- risk 0.86cvss 9.8epss 0.94
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection.
- risk 0.78cvss 8.8epss 0.74
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 5 of 6).
- risk 0.67cvss 9.8epss 0.39
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal.
- risk 0.67cvss 9.8epss 0.40
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6).
- risk 0.67cvss 9.8epss 0.43
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6).
- risk 0.67cvss 9.8epss 0.40
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6).
- risk 0.67cvss 9.8epss 0.40
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6).
- risk 0.65cvss 9.8epss 0.11
A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
- risk 0.64cvss 9.8epss 0.02
An Incorrect Access Control issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
- risk 0.64cvss 9.8epss 0.02
A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
- risk 0.61cvss 8.8epss 0.49
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 6 of 6).
- risk 0.49cvss 7.5epss 0.02
An Information Exposure Through Log Files issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
- risk 0.49cvss 7.5epss 0.04
A Directory Traversal issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
- risk 0.38cvss 5.9epss 0.01
Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation.
- risk 0.38cvss 5.9epss 0.01
Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper Certificate Validation.
- risk 0.18cvss 2.7epss 0.01
Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI