Skip to main content

Netscaler Application Delivery Controller Firmware CVE-2014-8580

MEDIUM
Permissions, Privileges, and Access Controls (CWE-264)
2014-11-07 cve@mitre.org
4.9
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
4.9 MEDIUM
AV:N/AC:M/Au:S/C:P/I:P/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:M/Au:S/C:P/I:P/A:N
Attack Vector
Network
Attack Complexity
M
Confidentiality
P
Integrity
P
Availability
None

Lifecycle Timeline

1
CVE Published
Nov 07, 2014 - 19:55 cve.org
MEDIUM 4.9

DescriptionCVE.org

Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified configurations, allows remote authenticated users to access "network resources" of other users via unknown vectors.

AnalysisAI

Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable.

Technical ContextAI

This vulnerability is classified under CWE-264. Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified configurations, allows remote authenticated users to access "network resources" of other users via unknown vectors. Affected products include: Citrix Netscaler Application Delivery Controller Firmware, Citrix Netscaler Gateway Firmware. Version information: before 10.5.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2014-7140 HIGH POC
7.5 Oct 21

Unspecified vulnerability in the management interface in Citrix NetScaler Application Delivery Controller (ADC) and NetS

CVE-2015-5538 CRITICAL
10.0 Sep 17

Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway bef

CVE-2014-2881 CRITICAL
10.0 May 01

Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix

CVE-2013-6941 CRITICAL
10.0 Mar 11

Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 1

CVE-2014-2882 CRITICAL
10.0 May 01

Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler

CVE-2018-6809 CRITICAL
9.8 Mar 06

NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to gai

CVE-2015-5080 CRITICAL
9.0 Jul 16

The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.

CVE-2016-9028 HIGH
8.8 Oct 28

Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 135.8, 10.5 61.11, 11.0 65.31/65.35F and 11.1 47

CVE-2015-2829 HIGH
7.8 May 12

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.5 Build 53.9 through 55.8 and 10.

CVE-2013-6011 HIGH
7.8 Oct 04

Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial o

CVE-2019-12044 HIGH
7.5 May 22

A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12

CVE-2018-6810 HIGH
7.5 Mar 06

Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, a

Share

CVE-2014-8580 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy