What is the severity of CVE-2014-8580?

CVE-2014-8580 has been assigned a moderate severity level due to the potential for unauthorized access to network resources.

How do I fix CVE-2014-8580?

To fix CVE-2014-8580, update your Citrix NetScaler Application Delivery Controller or Gateway to the respective patched versions mentioned in the advisory.

Which versions are affected by CVE-2014-8580?

CVE-2014-8580 affects multiple versions of Citrix NetScaler, specifically those prior to 10.5-52.11 for version 10.5 and 10.1-129.11 for version 10.1.

What types of configurations are vulnerable in CVE-2014-8580?

The vulnerability in CVE-2014-8580 arises from unspecified configurations that allow remote authenticated users to access other users' network resources.

Is there a workaround for CVE-2014-8580?

While the best solution is to update to a patched version, administrators can mitigate CVE-2014-8580 by reviewing and tightening access controls and configurations.

Vulnerability/
CVE-2014-8580

medium

4.9

CWE

264

7/11/2014

6/8/2024

CVE-2014-8580

First published: Fri Nov 07 2014(Updated: )

Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified configurations, allows remote authenticated users to access "network resources" of other users via unknown vectors.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Citrix Application Delivery Controller Firmware	=10.1.120.1316.e
Citrix Application Delivery Controller Firmware	=10.1.121
Citrix Application Delivery Controller Firmware	=10.1.122
Citrix Application Delivery Controller Firmware	=10.1.123
Citrix Application Delivery Controller Firmware	=10.1.124
Citrix Application Delivery Controller Firmware	=10.1.125
Citrix Application Delivery Controller Firmware	=10.1.126
Citrix Application Delivery Controller Firmware	=10.1.127
Citrix Application Delivery Controller Firmware	=10.1.128
Citrix Application Delivery Controller Firmware	=10.1.129
Citrix Application Delivery Controller Firmware	=10.5.50.10
Citrix Application Delivery Controller Firmware	=10.5.51.10
Citrix Netscaler Gateway Firmware	=10.1.120.1316.e
Citrix Netscaler Gateway Firmware	=10.1.121
Citrix Netscaler Gateway Firmware	=10.1.122
Citrix Netscaler Gateway Firmware	=10.1.123
Citrix Netscaler Gateway Firmware	=10.1.124
Citrix Netscaler Gateway Firmware	=10.1.125
Citrix Netscaler Gateway Firmware	=10.1.126
Citrix Netscaler Gateway Firmware	=10.1.127
Citrix Netscaler Gateway Firmware	=10.1.128
Citrix Netscaler Gateway Firmware	=10.1.129
Citrix Netscaler Gateway Firmware	=10.5.50.10
Citrix Netscaler Gateway Firmware	=10.5.51.10

Remedy

http://support.citrix.com/article/CTX200254

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-8580?
CVE-2014-8580 has been assigned a moderate severity level due to the potential for unauthorized access to network resources.
How do I fix CVE-2014-8580?
To fix CVE-2014-8580, update your Citrix NetScaler Application Delivery Controller or Gateway to the respective patched versions mentioned in the advisory.
Which versions are affected by CVE-2014-8580?
CVE-2014-8580 affects multiple versions of Citrix NetScaler, specifically those prior to 10.5-52.11 for version 10.5 and 10.1-129.11 for version 10.1.
What types of configurations are vulnerable in CVE-2014-8580?
The vulnerability in CVE-2014-8580 arises from unspecified configurations that allow remote authenticated users to access other users' network resources.
Is there a workaround for CVE-2014-8580?
While the best solution is to update to a patched version, administrators can mitigate CVE-2014-8580 by reviewing and tightening access controls and configurations.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/author
agent/last-modified-date
agent/weakness
agent/remedy
agent/severity
agent/event
agent/first-publish-date
agent/description
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
agent/softwarecombine
vendor/citrix
canonical/citrix application delivery controller firmware
version/citrix application delivery controller firmware/10.1.120.1316.e
version/citrix application delivery controller firmware/10.1.121
version/citrix application delivery controller firmware/10.1.122
version/citrix application delivery controller firmware/10.1.123
version/citrix application delivery controller firmware/10.1.124
version/citrix application delivery controller firmware/10.1.125
version/citrix application delivery controller firmware/10.1.126
version/citrix application delivery controller firmware/10.1.127
version/citrix application delivery controller firmware/10.1.128
version/citrix application delivery controller firmware/10.1.129
version/citrix application delivery controller firmware/10.5.50.10
version/citrix application delivery controller firmware/10.5.51.10
canonical/citrix netscaler gateway firmware
version/citrix netscaler gateway firmware/10.1.120.1316.e
version/citrix netscaler gateway firmware/10.1.121
version/citrix netscaler gateway firmware/10.1.122
version/citrix netscaler gateway firmware/10.1.123
version/citrix netscaler gateway firmware/10.1.124
version/citrix netscaler gateway firmware/10.1.125
version/citrix netscaler gateway firmware/10.1.126
version/citrix netscaler gateway firmware/10.1.127
version/citrix netscaler gateway firmware/10.1.128
version/citrix netscaler gateway firmware/10.1.129
version/citrix netscaler gateway firmware/10.5.50.10
version/citrix netscaler gateway firmware/10.5.51.10