Lucene search
HistoryMar 12, 2024 - 1:15 p.m.
CVE-2024-2049
cve-2024-2049
ssrf
citrix sd-wan
management ip.
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
0.0004 Low
EPSS
Percentile
9.2%
Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP.
Related
cve
cve
CVE-2024-2049
2024-03-12 13:15:49
citrix
citrix
Citrix SDWAN Security Bulletin for CVE-2024-2049
2024-03-12 12:08:27
cvelist
cvelist
CVE-2024-2049 Server-Side Request Forgery (SSRF)
2024-03-12 12:39:45
prion
prion
Server side request forgery (ssrf)
2024-03-12 13:15:00
nessus
nessus
Citrix SD-WAN 11.4.x < 11.4.4.46 (CTX617071)
2024-03-14 00:00:00
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
0.0004 Low
EPSS
Percentile
9.2%
Related for NVD:CVE-2024-2049