All the vulnerabilites related to NetScaler - NetScaler Gateway
cve-2024-8535
Vulnerability from cvelistv5
Published
2024-11-12 18:28
Modified
2024-11-21 16:18
Severity ?
EPSS score ?
Summary
Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources
References
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | NetScaler | NetScaler ADC |
Version: 14.1 Version: 13.1 Version: 13.1 FIPS Version: 12.1-FIPS Version: 12.1-NDcPP |
||||
|
|||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:netscaler:adc:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "adc",
"vendor": "netscaler",
"versions": [
{
"lessThan": "29.72",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "55.34",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "37.207",
"status": "affected",
"version": "13.1fips",
"versionType": "custom"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-fips",
"versionType": "custom"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-ndcpp",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:gateway:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gateway",
"vendor": "netscaler",
"versions": [
{
"lessThan": "29.72",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "55.34",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "37.207",
"status": "affected",
"version": "13.1fips",
"versionType": "custom"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-fips",
"versionType": "custom"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-ndcpp",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8535",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T20:05:08.852710Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T16:18:12.855Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NetScaler ADC",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "29.72",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "55.34",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "37.207",
"status": "affected",
"version": "13.1 FIPS",
"versionType": "patch"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-NDcPP",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NetScaler Gateway",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "29.72",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "55.34",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "37.207",
"status": "affected",
"version": "13.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-NDcPP",
"versionType": "patch"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAuthenticated user can access unintended user capabilities\u0026nbsp;\u003c/span\u003ein\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler ADC and NetScaler Gateway if t\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ehe appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR\u003c/strong\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;t\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ehe appliance must be configured as an\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eAuth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Authenticated user can access unintended user capabilities\u00a0in\u00a0NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources\u00a0OR\u00a0the appliance must be configured as an\u00a0Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T18:31:02.674Z",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"url": "https://support.citrix.com/s/article/CTX691608-netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20248534-and-cve20248535?language=en_US"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Authenticated user can access unintended user capabilities",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2024-8535",
"datePublished": "2024-11-12T18:28:51.398Z",
"dateReserved": "2024-09-06T17:18:27.467Z",
"dateUpdated": "2024-11-21T16:18:12.855Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-8534
Vulnerability from cvelistv5
Published
2024-11-12 18:15
Modified
2024-11-21 16:19
Severity ?
EPSS score ?
Summary
Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver) OR the appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled
References
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | NetSclaer | NetScaler ADC |
Version: 14.1 Version: 13.1 Version: 13.1-FIPS Version: 12.1-FIPS Version: 12.1-NDcPP |
||||
|
|||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:netscaler:adc:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "adc",
"vendor": "netscaler",
"versions": [
{
"lessThan": "14.1-29.72",
"status": "affected",
"version": "14.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:gateway:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gateway",
"vendor": "netscaler",
"versions": [
{
"lessThan": "14.1-29.72",
"status": "affected",
"version": "14.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:adc:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "adc",
"vendor": "netscaler",
"versions": [
{
"lessThan": "13.1-55.34",
"status": "affected",
"version": "13.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:netscaler-adc_13.1-fips:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "netscaler-adc_13.1-fips",
"vendor": "netscaler",
"versions": [
{
"lessThan": "13.1-37.207",
"status": "affected",
"version": "13.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:netscaler-adc_12.1-fips:12.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "netscaler-adc_12.1-fips",
"vendor": "netscaler",
"versions": [
{
"lessThan": "12.1-55.321",
"status": "affected",
"version": "12.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:netscaler-adc_12.1-ndcpp:12.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "netscaler-adc_12.1-ndcpp",
"vendor": "netscaler",
"versions": [
{
"lessThan": "12.1-55.321",
"status": "affected",
"version": "12.1",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8534",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T14:38:35.887321Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T16:19:44.438Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NetScaler ADC",
"vendor": "NetSclaer",
"versions": [
{
"lessThan": "29.72",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "55.34",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "37.207",
"status": "affected",
"version": "13.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-NDcPP",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NetScaler Gateway",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "29.72",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "55.34",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "37.207",
"status": "affected",
"version": "13.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-NDcPP",
"versionType": "patch"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMemory safety vulnerability leading to memory corruption and Denial of Service\u0026nbsp;\u003c/span\u003ein NetScaler ADC and Gateway if t\u003cspan style=\"background-color: var(--wht);\"\u003ehe appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR t\u003c/strong\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ehe appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver)\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR t\u003c/strong\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ehe appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled\u003c/span\u003e\u003cstrong\u003e\u003cbr\u003e\u003c/strong\u003e\u003cbr\u003e"
}
],
"value": "Memory safety vulnerability leading to memory corruption and Denial of Service\u00a0in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled\u00a0OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver)\u00a0OR the appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T18:15:44.673Z",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"url": "https://support.citrix.com/s/article/CTX691608-netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20248534-and-cve20248535?language=en_US"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Memory safety vulnerability leading to memory corruption and Denial of Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2024-8534",
"datePublished": "2024-11-12T18:15:44.673Z",
"dateReserved": "2024-09-06T17:18:25.789Z",
"dateUpdated": "2024-11-21T16:19:44.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-5491
Vulnerability from cvelistv5
Published
2024-07-10 18:56
Modified
2024-11-01 15:22
Severity ?
EPSS score ?
Summary
Denial of Service in NetScaler ADC and NetScaler Gateway in NetScaler
References
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | NetScaler | NetScaler ADC |
Version: 14.1 Version: 13.1 Version: 13.0 Version: 13.1-FIPS Version: 12.1-FIPS Version: 12.1-NDcPP |
||||
|
|||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5491",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-10T20:25:24.933103Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T15:22:05.242Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:11:12.815Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX677944/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20245491-and-cve20245492"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NetScaler ADC",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "53.17",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "patch"
},
{
"lessThan": "37.183",
"status": "affected",
"version": "13.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.304",
"status": "affected",
"version": "12.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.304",
"status": "affected",
"version": "12.1-NDcPP",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NetScaler Gateway",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "53.17",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "patch"
}
]
}
],
"datePublic": "2024-07-09T18:46:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Denial of Service in NetScaler ADC and NetScaler Gateway in NetScaler"
}
],
"value": "Denial of Service in NetScaler ADC and NetScaler Gateway in NetScaler"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T18:56:08.095Z",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"url": "https://support.citrix.com/article/CTX677944/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20245491-and-cve20245492"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Denial of Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2024-5491",
"datePublished": "2024-07-10T18:56:08.095Z",
"dateReserved": "2024-05-29T20:16:35.305Z",
"dateUpdated": "2024-11-01T15:22:05.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}