Lucene search

[email protected]NVD:CVE-2017-14602

HistorySep 26, 2017 - 2:29 p.m.

CVE-2017-14602

2017-09-2614:29:00

CWE-287

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.1

Confidence

High

EPSS

0.002

Percentile

59.7%

JSON

A vulnerability has been identified in the management interface of Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before build 135.18, 10.5 before build 66.9, 10.5e before build 60.7010.e, 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13 (except for build 41.24) that, if exploited, could allow an attacker with access to the NetScaler management interface to gain administrative access to the appliance.

Affected configurations

Nvd

Node

citrixapplication_delivery_controller_firmwareMatch10.1

citrixapplication_delivery_controller_firmwareMatch10.5

citrixapplication_delivery_controller_firmwareMatch10.5e

citrixapplication_delivery_controller_firmwareMatch11.0

citrixapplication_delivery_controller_firmwareMatch11.1

citrixapplication_delivery_controller_firmwareMatch12.0

citrixnetscaler_gateway_firmwareMatch10.1

citrixnetscaler_gateway_firmwareMatch10.5

citrixnetscaler_gateway_firmwareMatch10.5e

citrixnetscaler_gateway_firmwareMatch11.0

citrixnetscaler_gateway_firmwareMatch11.1

citrixnetscaler_gateway_firmwareMatch12.0

VendorProductVersionCPE
citrixapplication_delivery_controller_firmware10.1cpe:2.3:o:citrix:application_delivery_controller_firmware:10.1:*:*:*:*:*:*:*
citrixapplication_delivery_controller_firmware10.5cpe:2.3:o:citrix:application_delivery_controller_firmware:10.5:*:*:*:*:*:*:*
citrixapplication_delivery_controller_firmware10.5ecpe:2.3:o:citrix:application_delivery_controller_firmware:10.5e:*:*:*:*:*:*:*
citrixapplication_delivery_controller_firmware11.0cpe:2.3:o:citrix:application_delivery_controller_firmware:11.0:*:*:*:*:*:*:*
citrixapplication_delivery_controller_firmware11.1cpe:2.3:o:citrix:application_delivery_controller_firmware:11.1:*:*:*:*:*:*:*
citrixapplication_delivery_controller_firmware12.0cpe:2.3:o:citrix:application_delivery_controller_firmware:12.0:*:*:*:*:*:*:*
citrixnetscaler_gateway_firmware10.1cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1:*:*:*:*:*:*:*
citrixnetscaler_gateway_firmware10.5cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5:*:*:*:*:*:*:*
citrixnetscaler_gateway_firmware10.5ecpe:2.3:o:citrix:netscaler_gateway_firmware:10.5e:*:*:*:*:*:*:*
citrixnetscaler_gateway_firmware11.0cpe:2.3:o:citrix:netscaler_gateway_firmware:11.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
citrix	application_delivery_controller_firmware	10.1	cpe:2.3:o:citrix:application_delivery_controller_firmware:10.1:::::::*
citrix	application_delivery_controller_firmware	10.5	cpe:2.3:o:citrix:application_delivery_controller_firmware:10.5:::::::*
citrix	application_delivery_controller_firmware	10.5e	cpe:2.3:o:citrix:application_delivery_controller_firmware:10.5e:::::::*
citrix	application_delivery_controller_firmware	11.0	cpe:2.3:o:citrix:application_delivery_controller_firmware:11.0:::::::*
citrix	application_delivery_controller_firmware	11.1	cpe:2.3:o:citrix:application_delivery_controller_firmware:11.1:::::::*
citrix	application_delivery_controller_firmware	12.0	cpe:2.3:o:citrix:application_delivery_controller_firmware:12.0:::::::*
citrix	netscaler_gateway_firmware	10.1	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1:::::::*
citrix	netscaler_gateway_firmware	10.5	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5:::::::*
citrix	netscaler_gateway_firmware	10.5e	cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5e:::::::*
citrix	netscaler_gateway_firmware	11.0	cpe:2.3:o:citrix:netscaler_gateway_firmware:11.0:::::::*

Rows per page:

1-10 of 121

References

www.securityfocus.com/bid/100980

support.citrix.com/article/CTX227928

support.citrix.com/article/CTX228091

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.1

Confidence

High

EPSS

0.002

Percentile

59.7%

JSON

Related for NVD:CVE-2017-14602

cvelist1 prion1 citrix2 nessus1 cve1