The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow attackers to obtain credentials via the browser cache.
References
Link | Resource |
---|---|
http://support.citrix.com/article/CTX202482 | Patch Vendor Advisory |
http://www.securitytracker.com/id/1034167 | |
http://support.citrix.com/article/CTX202482 | Patch Vendor Advisory |
http://www.securitytracker.com/id/1034167 |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 Nov 2024, 02:37
Type | Values Removed | Values Added |
---|---|---|
References | () http://support.citrix.com/article/CTX202482 - Patch, Vendor Advisory | |
References | () http://www.securitytracker.com/id/1034167 - |
Information
Published : 2015-11-17 15:59
Updated : 2024-11-21 02:37
NVD link : CVE-2015-7996
Mitre link : CVE-2015-7996
CVE.ORG link : CVE-2015-7996
JSON object : View
Products Affected
citrix
- netscaler_service_delivery_appliance_service_vm
- netscaler_gateway_firmware
- netscaler_application_delivery_controller_firmware
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor