cve-2024-8535
Vulnerability from cvelistv5
Published
2024-11-12 18:28
Modified
2024-11-21 16:18
Summary
Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources
Impacted products
Vendor Product Version
NetScaler NetScaler Gateway Version: 14.1
Version: 13.1
Version: 13.1-FIPS
Version: 12.1-FIPS
Version: 12.1-NDcPP
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:netscaler:adc:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "adc",
            "vendor": "netscaler",
            "versions": [
              {
                "lessThan": "29.72",
                "status": "affected",
                "version": "14.1",
                "versionType": "custom"
              },
              {
                "lessThan": "55.34",
                "status": "affected",
                "version": "13.1",
                "versionType": "custom"
              },
              {
                "lessThan": "37.207",
                "status": "affected",
                "version": "13.1fips",
                "versionType": "custom"
              },
              {
                "lessThan": "55.321",
                "status": "affected",
                "version": "12.1-fips",
                "versionType": "custom"
              },
              {
                "lessThan": "55.321",
                "status": "affected",
                "version": "12.1-ndcpp",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:netscaler:gateway:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "gateway",
            "vendor": "netscaler",
            "versions": [
              {
                "lessThan": "29.72",
                "status": "affected",
                "version": "14.1",
                "versionType": "custom"
              },
              {
                "lessThan": "55.34",
                "status": "affected",
                "version": "13.1",
                "versionType": "custom"
              },
              {
                "lessThan": "37.207",
                "status": "affected",
                "version": "13.1fips",
                "versionType": "custom"
              },
              {
                "lessThan": "55.321",
                "status": "affected",
                "version": "12.1-fips",
                "versionType": "custom"
              },
              {
                "lessThan": "55.321",
                "status": "affected",
                "version": "12.1-ndcpp",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8535",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T20:05:08.852710Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-552",
                "description": "CWE-552 Files or Directories Accessible to External Parties",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T16:18:12.855Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "NetScaler ADC",
          "vendor": "NetScaler",
          "versions": [
            {
              "lessThan": "29.72",
              "status": "affected",
              "version": "14.1",
              "versionType": "patch"
            },
            {
              "lessThan": "55.34",
              "status": "affected",
              "version": "13.1",
              "versionType": "patch"
            },
            {
              "lessThan": "37.207",
              "status": "affected",
              "version": "13.1 FIPS",
              "versionType": "patch"
            },
            {
              "lessThan": "55.321",
              "status": "affected",
              "version": "12.1-FIPS",
              "versionType": "patch"
            },
            {
              "lessThan": "55.321",
              "status": "affected",
              "version": "12.1-NDcPP",
              "versionType": "patch"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "NetScaler Gateway",
          "vendor": "NetScaler",
          "versions": [
            {
              "lessThan": "29.72",
              "status": "affected",
              "version": "14.1",
              "versionType": "patch"
            },
            {
              "lessThan": "55.34",
              "status": "affected",
              "version": "13.1",
              "versionType": "patch"
            },
            {
              "lessThan": "37.207",
              "status": "affected",
              "version": "13.1-FIPS",
              "versionType": "patch"
            },
            {
              "lessThan": "55.321",
              "status": "affected",
              "version": "12.1-FIPS",
              "versionType": "patch"
            },
            {
              "lessThan": "55.321",
              "status": "affected",
              "version": "12.1-NDcPP",
              "versionType": "patch"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAuthenticated user can access unintended user capabilities\u0026nbsp;\u003c/span\u003ein\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler ADC and NetScaler Gateway if t\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ehe appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR\u003c/strong\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;t\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ehe appliance must be configured as an\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eAuth Server (AAA Vserver)  with KCDAccount configuration for Kerberos SSO to access backend resources\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "Authenticated user can access unintended user capabilities\u00a0in\u00a0NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources\u00a0OR\u00a0the appliance must be configured as an\u00a0Auth Server (AAA Vserver)  with KCDAccount configuration for Kerberos SSO to access backend resources"
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-12T18:31:02.674Z",
        "orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
        "shortName": "Citrix"
      },
      "references": [
        {
          "url": "https://support.citrix.com/s/article/CTX691608-netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20248534-and-cve20248535?language=en_US"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Authenticated user can access unintended user capabilities",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
    "assignerShortName": "Citrix",
    "cveId": "CVE-2024-8535",
    "datePublished": "2024-11-12T18:28:51.398Z",
    "dateReserved": "2024-09-06T17:18:27.467Z",
    "dateUpdated": "2024-11-21T16:18:12.855Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-8535\",\"sourceIdentifier\":\"secure@citrix.com\",\"published\":\"2024-11-12T19:15:19.040\",\"lastModified\":\"2024-11-21T17:15:26.630\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Authenticated user can access unintended user capabilities\u00a0in\u00a0NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources\u00a0OR\u00a0the appliance must be configured as an\u00a0Auth Server (AAA Vserver)  with KCDAccount configuration for Kerberos SSO to access backend resources\"},{\"lang\":\"es\",\"value\":\"El usuario autenticado puede acceder a las capacidades de usuario no deseadas en NetScaler ADC y NetScaler Gateway si el dispositivo debe configurarse como un Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) con configuraci\u00f3n de KCDAccount para Kerberos SSO para acceder a los recursos del backend O el dispositivo debe configurarse como un servidor de autenticaci\u00f3n (AAA Vserver) con configuraci\u00f3n de KCDAccount para Kerberos SSO para acceder a los recursos del backend \"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"secure@citrix.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnerableSystemConfidentiality\":\"LOW\",\"vulnerableSystemIntegrity\":\"LOW\",\"vulnerableSystemAvailability\":\"LOW\",\"subsequentSystemConfidentiality\":\"HIGH\",\"subsequentSystemIntegrity\":\"HIGH\",\"subsequentSystemAvailability\":\"HIGH\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirements\":\"NOT_DEFINED\",\"integrityRequirements\":\"NOT_DEFINED\",\"availabilityRequirements\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnerableSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedVulnerableSystemIntegrity\":\"NOT_DEFINED\",\"modifiedVulnerableSystemAvailability\":\"NOT_DEFINED\",\"modifiedSubsequentSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedSubsequentSystemIntegrity\":\"NOT_DEFINED\",\"modifiedSubsequentSystemAvailability\":\"NOT_DEFINED\",\"safety\":\"NOT_DEFINED\",\"automatable\":\"NOT_DEFINED\",\"recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-552\"}]}],\"references\":[{\"url\":\"https://support.citrix.com/s/article/CTX691608-netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20248534-and-cve20248535?language=en_US\",\"source\":\"secure@citrix.com\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.