What is the vulnerability ID for this Citrix NetScaler ADC and NetScaler Gateway vulnerability?

The vulnerability ID for this Citrix NetScaler ADC and NetScaler Gateway vulnerability is CVE-2017-17549.

What is the severity level of CVE-2017-17549?

The severity level of CVE-2017-17549 is medium with a severity value of 5.9.

Which versions of Citrix NetScaler ADC and NetScaler Gateway are affected by CVE-2017-17549?

Citrix NetScaler ADC and NetScaler Gateway versions 10.5, 11.0, 11.1, and 12.0 are affected by CVE-2017-17549.

How can remote attackers exploit CVE-2017-17549?

Remote attackers can exploit CVE-2017-17549 by obtaining sensitive information from the backend client TLS handshake through the use of TLS wi.

Is there a fix available for CVE-2017-17549?

Yes, there is a fix available for CVE-2017-17549. You can find more information on the Citrix support website.

Vulnerability/
CVE-2017-17549

medium

5.9

CWE

200

13/12/2017

5/1/2018

CVE-2017-17549

First published: Wed Dec 13 2017(Updated: )

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 allow remote attackers to obtain sensitive information from the backend client TLS handshake by leveraging use of TLS with Client Certificates and a Diffie-Hellman Ephemeral (DHE) key exchange.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Citrix Application Delivery Controller Firmware	=10.5
Citrix Application Delivery Controller Firmware	=11.0
Citrix Application Delivery Controller Firmware	=11.1
Citrix Application Delivery Controller Firmware	=12.0
Citrix Netscaler Gateway Firmware	=10.5
Citrix Netscaler Gateway Firmware	=11.0
Citrix Netscaler Gateway Firmware	=11.1
Citrix Netscaler Gateway Firmware	=12.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID for this Citrix NetScaler ADC and NetScaler Gateway vulnerability?
The vulnerability ID for this Citrix NetScaler ADC and NetScaler Gateway vulnerability is CVE-2017-17549.
What is the severity level of CVE-2017-17549?
The severity level of CVE-2017-17549 is medium with a severity value of 5.9.
Which versions of Citrix NetScaler ADC and NetScaler Gateway are affected by CVE-2017-17549?
Citrix NetScaler ADC and NetScaler Gateway versions 10.5, 11.0, 11.1, and 12.0 are affected by CVE-2017-17549.
How can remote attackers exploit CVE-2017-17549?
Remote attackers can exploit CVE-2017-17549 by obtaining sensitive information from the backend client TLS handshake through the use of TLS wi.
Is there a fix available for CVE-2017-17549?
Yes, there is a fix available for CVE-2017-17549. You can find more information on the Citrix support website.

collector/nvd-index
vendor/citrix
product/application delivery controller firmware
canonical/citrix application delivery controller firmware
product/netscaler gateway firmware
canonical/citrix netscaler gateway firmware

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.