VYPR

ADC

by Citrix Systems

CVEs (29)

  • CVE-2023-3519CriKEVJul 19, 2023
    risk 0.93cvss 9.8epss 0.99

    Unauthenticated remote code execution

  • CVE-2022-27518CriKEVDec 13, 2022
    risk 0.76cvss 9.8epss 0.07

    Unauthenticated remote arbitrary code execution

  • CVE-2020-8193MedKEVJul 10, 2020
    risk 0.61cvss 6.5epss 0.88

    Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.

  • CVE-2020-8247HigSep 18, 2020
    risk 0.57cvss 8.8epss 0.01

    Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before…

  • CVE-2020-8197HigJul 10, 2020
    risk 0.57cvss 8.8epss 0.02

    Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access to execute arbitrary commands.

  • CVE-2020-8195MedKEVJul 10, 2020
    risk 0.57cvss 6.5epss 0.33

    Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.

  • CVE-2023-3466HigJul 19, 2023
    risk 0.54cvss 8.3epss 0.03

    Reflected Cross-Site Scripting (XSS)

  • CVE-2021-22927HigAug 5, 2021
    risk 0.53cvss 8.1epss 0.01

    A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when configured SAML service provider that could allow an attacker to hijack a session.

  • CVE-2022-27508HigJan 26, 2023
    risk 0.49cvss 7.5epss 0.01

    Unauthenticated denial of service

  • CVE-2021-22956HigDec 7, 2021
    risk 0.49cvss 7.5epss 0.01

    An uncontrolled resource consumption vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 that could allow an attacker with access to NSIP or SNIP with management interface access to cause a temporary disruption of the Management GUI, Nitro API, and RPC…

  • CVE-2021-22955HigDec 7, 2021
    risk 0.49cvss 7.5epss 0.01

    A unauthenticated denial of service vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 when configured as a VPN (Gateway) or AAA virtual server could allow an attacker to cause a temporary disruption of the Management GUI, Nitro API, and RPC communication.

  • CVE-2021-22919HigAug 5, 2021
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to the…

  • CVE-2020-8246HigSep 18, 2020
    risk 0.49cvss 7.5epss 0.02

    Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before…

  • CVE-2020-8190HigJul 10, 2020
    risk 0.49cvss 7.5epss 0.01

    Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation.

  • CVE-2020-8187HigJul 10, 2020
    risk 0.49cvss 7.5epss 0.02

    Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack.

  • CVE-2023-24488MedJul 10, 2023
    risk 0.46cvss 6.1epss 0.81

    Cross site scripting vulnerability in Citrix ADC and Citrix Gateway  in allows and attacker to perform cross site scripting

  • CVE-2020-8194MedJul 10, 2020
    risk 0.43cvss 6.5epss 0.11

    Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download.

  • CVE-2022-27507MedJan 26, 2023
    risk 0.42cvss 6.5epss 0.01

    Authenticated denial of service

  • CVE-2019-18177MedDec 26, 2022
    risk 0.42cvss 6.5epss 0.01

    In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects Citrix ADC and Citrix Gateway 13.0-58.30 and later releases before the CTX276688 update.

  • CVE-2021-22920MedAug 5, 2021
    risk 0.42cvss 6.5epss 0.01

    A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a…

Page 1 of 2