VYPR

Gateway

by Citrix Systems

CVEs (28)

  • CVE-2023-3519CriKEVJul 19, 2023
    risk 0.93cvss 9.8epss 0.99

    Unauthenticated remote code execution

  • CVE-2019-19781CriKEVDec 27, 2019
    risk 0.93cvss 9.8epss 1.00

    An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.

  • CVE-2022-27518CriKEVDec 13, 2022
    risk 0.76cvss 9.8epss 0.07

    Unauthenticated remote arbitrary code execution

  • CVE-2022-27510CriNov 8, 2022
    risk 0.64cvss 9.8epss 0.01

    Unauthorized access to Gateway user capabilities

  • CVE-2019-18225CriOct 21, 2019
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9, 12.0 before build 62.10, 12.1 before build 54.16, and 13.0 before build 41.28. An attacker with management-interface access can bypass…

  • CVE-2020-8193MedKEVJul 10, 2020
    risk 0.61cvss 6.5epss 0.88

    Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.

  • CVE-2020-8197HigJul 10, 2020
    risk 0.57cvss 8.8epss 0.02

    Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access to execute arbitrary commands.

  • CVE-2020-8195MedKEVJul 10, 2020
    risk 0.57cvss 6.5epss 0.33

    Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.

  • CVE-2023-3466HigJul 19, 2023
    risk 0.54cvss 8.3epss 0.03

    Reflected Cross-Site Scripting (XSS)

  • CVE-2022-27513HigNov 8, 2022
    risk 0.54cvss 8.3epss 0.00

    Remote desktop takeover via phishing

  • CVE-2021-22927HigAug 5, 2021
    risk 0.53cvss 8.1epss 0.01

    A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when configured SAML service provider that could allow an attacker to hijack a session.

  • CVE-2022-27508HigJan 26, 2023
    risk 0.49cvss 7.5epss 0.01

    Unauthenticated denial of service

  • CVE-2020-8190HigJul 10, 2020
    risk 0.49cvss 7.5epss 0.01

    Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation.

  • CVE-2020-8187HigJul 10, 2020
    risk 0.49cvss 7.5epss 0.02

    Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack.

  • CVE-2020-10111HigMar 6, 2020
    risk 0.49cvss 7.5epss 0.02

    Citrix Gateway 11.1, 12.0, and 12.1 has an Inconsistent Interpretation of HTTP Requests. NOTE: Citrix disputes the reported behavior as not a security issue. Citrix ADC only caches HTTP/1.1 traffic for performance optimization

  • CVE-2023-24488MedJul 10, 2023
    risk 0.46cvss 6.1epss 0.81

    Cross site scripting vulnerability in Citrix ADC and Citrix Gateway  in allows and attacker to perform cross site scripting

  • CVE-2020-8194MedJul 10, 2020
    risk 0.43cvss 6.5epss 0.11

    Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download.

  • CVE-2022-27507MedJan 26, 2023
    risk 0.42cvss 6.5epss 0.01

    Authenticated denial of service

  • CVE-2019-18177MedDec 26, 2022
    risk 0.42cvss 6.5epss 0.01

    In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects Citrix ADC and Citrix Gateway 13.0-58.30 and later releases before the CTX276688 update.

  • CVE-2021-22920MedAug 5, 2021
    risk 0.42cvss 6.5epss 0.01

    A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a…

Page 1 of 2