fkie_cve-2024-2049
Vulnerability from fkie_nvd
Published
2024-03-12 13:15
Modified
2025-07-25 15:36
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N (source: secure@citrix.com, Secondary)
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N (source: nvd@nist.gov, Primary)
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions, versions 11.4.0 and later but before 11.4.4.46, allows an attacker to disclose limited information from the appliance via access to the management IP.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_1000_firmware:*:*:*:*:standard:*:*:*",
"matchCriteriaId": "76CD1B07-1DD4-403E-843B-DF4DB5B351C6",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_1000:-:*:*:*:standard:*:*:*",
"matchCriteriaId": "B5438795-5950-47DE-AD87-82A2F4D6D568",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_110_firmware:*:*:*:*:standard:*:*:*",
"matchCriteriaId": "85D31B36-E836-4A4B-B7B2-CD8E222C44F4",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_110:-:*:*:*:standard:*:*:*",
"matchCriteriaId": "92435A9E-6673-4A7F-8283-F37B131BC4DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_1100_firmware:*:*:*:*:standard:*:*:*",
"matchCriteriaId": "64D38F42-3CB3-4B51-AB9E-75657CDE563B",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_1100:-:*:*:*:standard:*:*:*",
"matchCriteriaId": "9E3C0E94-BCDD-4957-8D9A-2B8F5EB70574",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_2000_firmware:*:*:*:*:standard:*:*:*",
"matchCriteriaId": "979F7E87-1C9B-460C-8171-1036BD645CCF",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_2000:-:*:*:*:standard:*:*:*",
"matchCriteriaId": "860D6524-264F-4F88-AAA3-7C4CA0EC55B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_210_firmware:*:*:*:*:standard:*:*:*",
"matchCriteriaId": "BD7E15AA-74EF-4D64-8506-BFE42E9EAD9B",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_210:-:*:*:*:standard:*:*:*",
"matchCriteriaId": "91CB177A-8EAE-456C-B559-2088E7CF8E32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_2100_firmware:*:*:*:*:standard:*:*:*",
"matchCriteriaId": "DE978723-D64A-45CD-B111-F73EA1C77A31",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_2100:-:*:*:*:standard:*:*:*",
"matchCriteriaId": "31195A4E-7EB1-4367-8AD2-A3AC253F5B78",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_400_firmware:*:*:*:*:standard:*:*:*",
"matchCriteriaId": "44103C47-C3C3-4BFF-A3AF-6A5E3942CE38",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_400:-:*:*:*:standard:*:*:*",
"matchCriteriaId": "BE40B2DD-CD9D-4EB7-AAC0-4B1DB58A5DD0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_4000_firmware:*:*:*:*:standard:*:*:*",
"matchCriteriaId": "41DC9108-6989-4E76-94DD-C45617CBEDEA",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_4000:-:*:*:*:standard:*:*:*",
"matchCriteriaId": "A39BE60C-C539-4E5B-A483-4DBB9653470D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_410_firmware:*:*:*:*:standard:*:*:*",
"matchCriteriaId": "874FC81B-F21B-4A1C-84D8-31E41D11E2BA",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_410:-:*:*:*:standard:*:*:*",
"matchCriteriaId": "AADD71C2-D011-4358-97DA-9551C73AE500",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_4100_firmware:*:*:*:*:standard:*:*:*",
"matchCriteriaId": "ACCE06C2-66B6-4B8E-9F31-30D99C904AE6",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_4100:-:*:*:*:standard:*:*:*",
"matchCriteriaId": "8D566367-ADB2-4B3F-A5A0-1A59CC852DCE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_5100_firmware:*:*:*:*:standard:*:*:*",
"matchCriteriaId": "E84EEC33-730A-4F55-BE89-264C576E9E96",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_5100:-:*:*:*:standard:*:*:*",
"matchCriteriaId": "1A9165FB-FA3B-48CA-8F95-838D9E146E24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_6100_firmware:*:*:*:*:standard:*:*:*",
"matchCriteriaId": "2AFB141C-762A-4D4E-B9A8-49A7BFB10060",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_6100:-:*:*:*:standard:*:*:*",
"matchCriteriaId": "539913FB-58FF-4C92-831D-27A1F5562C25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_1000_firmware:*:*:*:*:premium:*:*:*",
"matchCriteriaId": "FED84B7F-C5FD-483F-A07C-DB7647883D4F",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_1000:-:*:*:*:premium:*:*:*",
"matchCriteriaId": "07DE6E51-078C-4071-AD06-6B95D9E5054E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_1100_firmware:*:*:*:*:premium:*:*:*",
"matchCriteriaId": "B9467588-F79F-4195-A2B3-D365F7B9A90D",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_1100:-:*:*:*:premium:*:*:*",
"matchCriteriaId": "A4C21748-F802-4274-BCB1-23F3F8013A87",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_2000_firmware:*:*:*:*:premium:*:*:*",
"matchCriteriaId": "43BB6BAB-6E52-4F94-BC03-DED3D3B8BF2A",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_2000:-:*:*:*:premium:*:*:*",
"matchCriteriaId": "6439B964-A8B9-455B-9724-7CB76806EED6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_2100_firmware:*:*:*:*:premium:*:*:*",
"matchCriteriaId": "499A3152-C623-4DFD-B989-C473C9A9B306",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_2100:-:*:*:*:premium:*:*:*",
"matchCriteriaId": "69C163C7-65FF-4C39-BF65-5555CD1269E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_6100_firmware:*:*:*:*:premium:*:*:*",
"matchCriteriaId": "AB1CF36A-0751-4CB9-A1ED-CC63472123E0",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_6100:-:*:*:*:premium:*:*:*",
"matchCriteriaId": "E3FEEA2C-572C-42E7-98A3-731D2BA6CDB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:sd-wan_5100_firmware:*:*:*:*:premium:*:*:*",
"matchCriteriaId": "8233AB68-1082-4E2D-B4D1-DFF31100BB6B",
"versionEndExcluding": "11.4.4.46",
"versionStartIncluding": "11.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:sd-wan_5100:-:*:*:*:premium:*:*:*",
"matchCriteriaId": "853E002B-4534-48E6-8FCE-C01B1255366A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP."
},
{
"lang": "es",
"value": "Server-Side Request Forgery (SSRF) en las ediciones Citrix SD-WAN Standard/Premium posteriores a 11.4.0 y anteriores a 11.4.4.46 permite a un atacante revelar informaci\u00f3n limitada del dispositivo a trav\u00e9s del acceso a la IP de administraci\u00f3n."
}
],
"id": "CVE-2024-2049",
"lastModified": "2025-07-25T15:36:48.663",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "secure@citrix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-12T13:15:49.807",
"references": [
{
"source": "secure@citrix.com",
"tags": [
"Broken Link"
],
"url": "https://support.citrix.com/article/CTX617071/citrix-sdwan-security-bulletin-for-cve20242049"
},
{
"source": "nvd@nist.gov",
"tags": [
"Vendor Advisory"
],
"url": "https://support.citrix.com/external/article?articleUrl=CTX617071-citrix-sdwan-security-bulletin-for-cve20242049\u0026language=en_US"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://support.citrix.com/article/CTX617071/citrix-sdwan-security-bulletin-for-cve20242049"
}
],
"sourceIdentifier": "secure@citrix.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "secure@citrix.com",
"type": "Secondary"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.