KLA10536
Multiple vulnerabilities in Citrix NetScaler

Обновлено: 18/06/2020
Дата обнаружения
03/04/2015
Уровень угрозы
High
Описание

Multiple serious vulnerabilities have been found in Citrix NetScaler. Malicious users can exploit these vulnerabilities to execute or inject arbitrary code and conduct XSS attack.

Below is a complete list of vulnerabilities

  1. XSS vulnerability can be exploited remotely via a specially designed search query;
  2. CSRF vulnerability and improper Content-Type can be exploited remotely via a specially designed JSON.
Пораженные продукты

Citrix NetScaler versions earlier than 10.5 build 52.3nc

Решение

Update to the latest version
Get Citrix NetScaler

Оказываемое влияние
?
ACE 
[?]

CI 
[?]

XSS/CSS 
[?]
Связанные продукты
Citrix NetScaler
CVE-IDS
CVE-2015-28394.3Warning
CVE-2015-28386.8High
CVE-2015-28404.3Warning
Эксплуатация

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/36442

Узнай статистику распространения уязвимостей в твоем регионе