Latest citrix sd-wan Vulnerabilities

CVE-2021-22956
An uncontrolled resource consumption vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 that could allow an attacker with access to NSIP or SNIP with management interface acces...
Citrix Application Delivery Controller Firmware<11.1-65.23
Citrix Application Delivery Controller Firmware>=12.1<12.1-63.22
Citrix Application Delivery Controller Firmware>=13.0<13.0-83.27
Citrix Application Delivery Controller
Citrix Gateway<11.1-65.23
Citrix Gateway>=12.1<12.1-63.22
and 3 more
CVE-2020-8273
Privilege escalation of an authenticated user to root in Citrix SD-WAN center versions before 11.2.2, 11.1.2b and 10.2.8.
Citrix SD-WAN>=10.2.0<10.2.8
Citrix SD-WAN>=11.1.0<11.1.2b
Citrix SD-WAN>=11.2.0<11.2.2
CVE-2020-8272
Authentication Bypass resulting in exposure of SD-WAN functionality in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8
Citrix SD-WAN>=10.2.0<10.2.8
Citrix SD-WAN>=11.1.0<11.1.2b
Citrix SD-WAN>=11.2.0<11.2.2
CVE-2020-8271
Unauthenticated remote code execution with root privileges in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8
Citrix SD-WAN>=10.2.0<10.2.8
Citrix SD-WAN>=11.1.0<11.1.2b
Citrix SD-WAN>=11.2.0<11.2.2
CVE-2019-12991
Citrix SD-WAN and NetScaler Command Injection Vulnerability
Citrix NetScaler SD-WAN>=10.0<10.0.8
Citrix SD-WAN>=10.2<10.2.3
CVE-2019-12985
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6).
Citrix NetScaler SD-WAN>=10.0<10.0.8
Citrix SD-WAN>=10.2<10.2.3
CVE-2019-12988
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6).
Citrix NetScaler SD-WAN>=10.0<10.0.8
Citrix SD-WAN>=10.2<10.2.3
CVE-2019-12989
Citrix SD-WAN and NetScaler SQL Injection Vulnerability
Citrix NetScaler SD-WAN>=10.0.0<10.0.8
Citrix SD-WAN>=10.2.0<10.2.3
CVE-2019-12986
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6).
Citrix NetScaler SD-WAN>=10.0<10.0.8
Citrix SD-WAN>=10.2<10.2.3
CVE-2019-12987
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6).
Citrix NetScaler SD-WAN>=10.0<10.0.8
Citrix SD-WAN>=10.2<10.2.3
CVE-2018-17444
A Directory Traversal issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
Citrix NetScaler SD-WAN>=9.3.0<=9.3.6
Citrix NetScaler SD-WAN>=10.0.0<=10.0.4
Citrix SD-WAN=10.1.0
CVE-2018-17445
A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
Citrix NetScaler SD-WAN>=9.3.0<=9.3.6
Citrix NetScaler SD-WAN>=10.0.0<=10.0.4
Citrix SD-WAN=10.1.0
CVE-2018-17447
An Information Exposure Through Log Files issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
Citrix NetScaler SD-WAN>=9.3.0<9.3.6
Citrix NetScaler SD-WAN>=10.0.0<10.0.4
Citrix SD-WAN=10.1.0
CVE-2018-17446
A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
Citrix NetScaler SD-WAN>=9.3.0<=9.3.6
Citrix NetScaler SD-WAN>=10.0.0<=10.0.4
Citrix SD-WAN=10.1.0
CVE-2018-17448
An Incorrect Access Control issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
Citrix NetScaler SD-WAN>=9.3.0<=9.3.6
Citrix NetScaler SD-WAN>=10.0.0<=10.0.4
Citrix SD-WAN=10.1.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203