CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
87.7%
Two vulnerabilities have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway).
Affected Versions:
The following supported versions of NetScaler ADC and NetScaler Gateway are affected by the vulnerabilities:
Note: NetScaler ADC and NetScaler Gateway version 12.1 is now End Of Life (EOL) and is vulnerable.
This bulletin only applies to customer-managed NetScaler ADC and NetScaler Gateway products. Customers using Citrix-managed cloud services or Citrix-managed Adaptive Authentication do not need to take any action.
Summary:
NetScaler ADC and NetScaler Gateway contain the vulnerabilities described below.
Vendor | Product | Version | CPE |
---|---|---|---|
citrix | netscaler | * | cpe:2.3:a:citrix:netscaler:*:*:*:*:*:*:*:* |
citrix | netscaler_gateway | * | cpe:2.3:h:citrix:netscaler_gateway:*:*:*:*:*:*:*:* |