Vulnerabilities > Citrix > Gateway

| Date | CVE | Vulnerability title | Description | Vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2023-07-10 | CVE-2023-24487 | Unspecified vulnerability in Citrix Application Delivery Controller and Gateway | Arbitrary file read in Citrix ADC and Citrix Gateway | network | low | citrix | | 7.5 |
| 2023-07-10 | CVE-2023-24488 | Cross-site Scripting vulnerability in Citrix Application Delivery Controller and Gateway | Cross-site scripting vulnerability in Citrix ADC and Citrix Gateway allows an attacker to perform cross-site scripting | network | low | citrix | CWE-79 | 6.1 |
| 2023-01-26 | CVE-2022-27507 | Resource Exhaustion vulnerability in Citrix Application Delivery Controller and Gateway | Authenticated denial of service | network | low | citrix | CWE-400 | 6.5 |
| 2023-01-26 | CVE-2022-27508 | Resource Exhaustion vulnerability in Citrix Application Delivery Controller and Gateway | Unauthenticated denial of service | network | low | citrix | CWE-400 | 7.5 |
| 2022-12-26 | CVE-2019-18177 | Unspecified vulnerability in Citrix Application Delivery Controller Firmware and Gateway | In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. | network | low | citrix | | 6.5 |
| 2022-11-08 | CVE-2022-27510 | Improper Authentication vulnerability in Citrix Application Delivery Controller Firmware and Gateway | Unauthorized access to Gateway user capabilities | network | low | citrix | CWE-287 | critical, 9.8 |
| 2022-11-08 | CVE-2022-27513 | Insufficient Verification of Data Authenticity vulnerability in Citrix Application Delivery Controller Firmware and Gateway | Remote desktop takeover via phishing | network | low | citrix | CWE-345 | critical, 9.6 |
| 2022-11-08 | CVE-2022-27516 | Improper Restriction of Excessive Authentication Attempts vulnerability in Citrix Application Delivery Controller Firmware and Gateway | User login brute force protection functionality bypass | network | low | citrix | CWE-307 | critical, 9.8 |
| 2022-07-28 | CVE-2022-27509 | Open Redirect vulnerability in Citrix Application Delivery Controller Firmware and Gateway | Unauthenticated redirection to a malicious website | network | low | citrix | CWE-601 | 6.1 |
| 2021-12-07 | CVE-2021-22955 | Resource Exhaustion vulnerability in Citrix Application Delivery Controller Firmware and Gateway | An unauthenticated denial-of-service vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 when configured as a VPN (Gateway) or AAA virtual server, which could allow an attacker to cause a temporary disruption of the Management GUI, Nitro API, and RPC communication. | network | low | citrix | CWE-400 | 7.5 |