VYPR

Netscaler SD-WAN

by Citrix Systems

CVEs (14)

  • CVE-2017-6316CriKEVJul 20, 2017
    risk 0.85cvss 9.8epss 0.73

    Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge (the former name of NetScaler SD-WAN) devices, the cookie name was CAKEPHP rather than CGISESSID.

  • CVE-2019-12989KEVJul 16, 2019
    risk 0.22cvss epss 0.94

    Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection.

  • CVE-2019-12991KEVJul 16, 2019
    risk 0.21cvss epss 0.74

    Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 5 of 6).

  • CVE-2019-12985Jul 16, 2019
    risk 0.07cvss epss 0.43

    Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6).

  • CVE-2019-12986Jul 16, 2019
    risk 0.07cvss epss 0.40

    Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6).

  • CVE-2019-12987Jul 16, 2019
    risk 0.07cvss epss 0.44

    Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6).

  • CVE-2019-12988Jul 16, 2019
    risk 0.07cvss epss 0.43

    Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6).

  • CVE-2019-12990Jul 16, 2019
    risk 0.07cvss epss 0.39

    Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal.

  • CVE-2019-12992Jul 16, 2019
    risk 0.00cvss epss 0.49

    Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 6 of 6).

  • CVE-2019-11550May 8, 2019
    risk 0.00cvss epss 0.01

    Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper Certificate Validation.

  • CVE-2018-17448Oct 23, 2018
    risk 0.00cvss epss 0.02

    An Incorrect Access Control issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.

  • CVE-2018-17447Oct 23, 2018
    risk 0.00cvss epss 0.02

    An Information Exposure Through Log Files issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.

  • CVE-2018-17445Oct 23, 2018
    risk 0.00cvss epss 0.11

    A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.

  • CVE-2018-17446Oct 23, 2018
    risk 0.00cvss epss 0.02

    A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.