Vulnerabilities > Citrix > Netscaler Application Delivery Controller Firmware > 10.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-28 | CVE-2016-9028 | 7PK - Security Features vulnerability in Citrix Netscaler Application Delivery Controller Firmware Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 135.8, 10.5 61.11, 11.0 65.31/65.35F and 11.1 47.14 allows a remote attacker to steal session cookies of a legitimate AAA user via manipulation of Host header. | 5.8 |
| 2014-10-21 | CVE-2014-7140 | Unspecified vulnerability in Citrix Netscaler Application Delivery Controller Firmware 10.0/10.1/10.5 Unspecified vulnerability in the management interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.x before 10.1-129.11 and 10.5 before 10.5-50.10 allows remote attackers to execute arbitrary code via unknown vectors. | 7.5 |
| 2014-03-11 | CVE-2013-6944 | Cross-Site Scripting vulnerability in Citrix Netscaler Application Delivery Controller Firmware Cross-site scripting (XSS) vulnerability in the user interface in the AAA TM vServer in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2014-03-11 | CVE-2013-6943 | Code Injection vulnerability in Citrix Netscaler Application Delivery Controller Firmware Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to conduct an LDAP injection attack via vectors related to SSH and Web management usernames. | 5.0 |
| 2014-03-11 | CVE-2013-6942 | Cross-Site Request Forgery (CSRF) vulnerability in Citrix Netscaler Application Delivery Controller Firmware Cross-site request forgery (CSRF) vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
| 2014-03-11 | CVE-2013-6941 | Unspecified vulnerability in Citrix Netscaler Application Delivery Controller Firmware Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows users to "breakout" of the shell via unknown vectors. | 10.0 |
| 2014-03-11 | CVE-2013-6940 | Credentials Management vulnerability in Citrix Netscaler Application Delivery Controller Firmware Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 logs user credentials, which allows attackers to obtain sensitive information via unspecified vectors. | 5.0 |
| 2014-03-11 | CVE-2013-6939 | Denial of Service vulnerability in Citrix NetScaler Application Delivery Controller Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to "RADIUS authentication." | 5.0 |
| 2014-03-11 | CVE-2013-6938 | Denial of Service vulnerability in Citrix NetScaler Unspecified vulnerability in the Service VM in Citrix NetScaler SDX 9.3 before 9.3-64.4 and 10.0 before 10.0-77.5 and Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to the "Virtual Machine Daemon." | 5.0 |
| 2013-10-04 | CVE-2013-6011 | Improper Input Validation vulnerability in Citrix products Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service (nsconfigd crash and appliance reboot) via a crafted request. | 7.8 |