CVE-2014-8580

Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified configurations, allows remote authenticated users to access "network resources" of other users via unknown vectors.

CVSS v2.0 4.9 MEDIUM

4.9^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:S/C:P/I:P/A:N

Exploitability : 6.8 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://secunia.com/advisories/62114
http://support.citrix.com/article/CTX200254	Patch Vendor Advisory
http://www.securitytracker.com/id/1031212
https://exchange.xforce.ibmcloud.com/vulnerabilities/98661
http://secunia.com/advisories/62114
http://support.citrix.com/article/CTX200254	Patch Vendor Advisory
http://www.securitytracker.com/id/1031212
https://exchange.xforce.ibmcloud.com/vulnerabilities/98661

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.120.1316.e:::::::*
	cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.121:::::::*
	cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.122:::::::*
	cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.123:::::::*
	cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.124:::::::*
	cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.125:::::::*
	cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.126:::::::*
	cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.127:::::::*
	cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.128:::::::*
	cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.129:::::::*
	cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5.50.10:::::::*
	cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5.51.10:::::::*
	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.120.1316.e:::::::*
	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.121:::::::*
	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.122:::::::*
	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.123:::::::*
	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.124:::::::*
	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.125:::::::*
	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.126:::::::*
	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.127:::::::*
	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.128:::::::*
	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.129:::::::*
	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5.50.10:::::::*
	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5.51.10:::::::*

History

21 Nov 2024, 02:19

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/62114 -~~	() http://secunia.com/advisories/62114 -
References	~~() http://support.citrix.com/article/CTX200254 - Patch, Vendor Advisory~~	() http://support.citrix.com/article/CTX200254 - Patch, Vendor Advisory
References	~~() http://www.securitytracker.com/id/1031212 -~~	() http://www.securitytracker.com/id/1031212 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/98661 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/98661 -

Information

Published : 2014-11-07 19:55

Updated : 2024-11-21 02:19

NVD link : CVE-2014-8580

Mitre link : CVE-2014-8580

CVE.ORG link : CVE-2014-8580

JSON object : View

Products Affected

citrix

netscaler_application_delivery_controller_firmware
netscaler_gateway_firmware

CWE

CWE-264

Permissions, Privileges, and Access Controls

4.9 /10