Vulnerabilities > Citrix > Netscaler Application Delivery Controller Firmware > 9.3.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-10-28 | CVE-2016-9028 | 7PK - Security Features vulnerability in Citrix Netscaler Application Delivery Controller Firmware Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 135.8, 10.5 61.11, 11.0 65.31/65.35F and 11.1 47.14 allows a remote attacker to steal session cookies of a legitimate AAA user via manipulation of Host header. | 5.8 |
2014-05-01 | CVE-2014-2882 | Unspecified vulnerability in Citrix products Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation. | 10.0 |
2014-05-01 | CVE-2014-2881 | Security vulnerability in Citrix NetScaler Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors. | 10.0 |
2014-03-11 | CVE-2013-6944 | Cross-Site Scripting vulnerability in Citrix Netscaler Application Delivery Controller Firmware Cross-site scripting (XSS) vulnerability in the user interface in the AAA TM vServer in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-03-11 | CVE-2013-6943 | Code Injection vulnerability in Citrix Netscaler Application Delivery Controller Firmware Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to conduct an LDAP injection attack via vectors related to SSH and Web management usernames. | 5.0 |
2014-03-11 | CVE-2013-6942 | Cross-Site Request Forgery (CSRF) vulnerability in Citrix Netscaler Application Delivery Controller Firmware Cross-site request forgery (CSRF) vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2014-03-11 | CVE-2013-6941 | Unspecified vulnerability in Citrix Netscaler Application Delivery Controller Firmware Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows users to "breakout" of the shell via unknown vectors. | 10.0 |
2014-03-11 | CVE-2013-6940 | Credentials Management vulnerability in Citrix Netscaler Application Delivery Controller Firmware Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 logs user credentials, which allows attackers to obtain sensitive information via unspecified vectors. | 5.0 |
2014-03-11 | CVE-2013-6939 | Denial of Service vulnerability in Citrix NetScaler Application Delivery Controller Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to "RADIUS authentication." | 5.0 |
2014-03-11 | CVE-2013-6938 | Denial of Service vulnerability in Citrix NetScaler Unspecified vulnerability in the Service VM in Citrix NetScaler SDX 9.3 before 9.3-64.4 and 10.0 before 10.0-77.5 and Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to the "Virtual Machine Daemon." | 5.0 |