The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and earlier specifies Allow for the Default Authorization Action option, which might allow remote authenticated users to bypass intended access restrictions.
References
Link | Resource |
---|---|
http://support.citrix.com/article/CTX118770 | Broken Link Vendor Advisory |
http://www.securityfocus.com/bid/35422 | Broken Link Third Party Advisory VDB Entry |
http://www.vupen.com/english/advisories/2009/1641 | Permissions Required |
https://exchange.xforce.ibmcloud.com/vulnerabilities/51274 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
History
09 Jan 2024, 02:42
Type | Values Removed | Values Added |
---|---|---|
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/51274 - Third Party Advisory, VDB Entry | |
References | (VUPEN) http://www.vupen.com/english/advisories/2009/1641 - Permissions Required | |
References | (CONFIRM) http://support.citrix.com/article/CTX118770 - Broken Link, Vendor Advisory | |
References | (BID) http://www.securityfocus.com/bid/35422 - Broken Link, Third Party Advisory, VDB Entry | |
CVSS |
v2 : v3 : |
v2 : 6.3
v3 : 6.5 |
CWE | CWE-863 |
Information
Published : 2009-06-25 23:14
Updated : 2024-02-28 11:21
NVD link : CVE-2009-2213
Mitre link : CVE-2009-2213
CVE.ORG link : CVE-2009-2213
JSON object : View
Products Affected
citrix
- netscaler_access_gateway_firmware
- netscaler_access_gateway
CWE
CWE-863
Incorrect Authorization