Vulnerabilities > Citrix

DATE CVE VULNERABILITY TITLE RISK
2020-01-02 CVE-2013-3619 Use of Hard-coded Credentials vulnerability in multiple products
Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before SMT_X9_317 and firmware for Supermicro X8 generation motherboards before SMT X8 312 contain harcoded private encryption keys for the (1) Lighttpd web server SSL interface and the (2) Dropbear SSH daemon.
network
high complexity
supermicro citrix CWE-798
8.1
8.1
2019-12-27 CVE-2019-19781 Path Traversal vulnerability in Citrix products
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0.
network
low complexity
citrix CWE-22
critical
 9.8
9.8
2019-10-21 CVE-2019-18225 Unspecified vulnerability in Citrix products
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9, 12.0 before build 62.10, 12.1 before build 54.16, and 13.0 before build 41.28.
network
low complexity
citrix
critical
 9.8
9.8
2019-10-09 CVE-2019-17366 Unspecified vulnerability in Citrix Application Delivery Management 12.1/13.0
Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control.
network
low complexity
citrix
8.8
8.8
2019-08-29 CVE-2019-13608 XXE vulnerability in Citrix Storefront Server
Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000) allows XXE attacks.
network
low complexity
citrix CWE-611
7.5
7.5
2019-07-16 CVE-2019-12992 OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 6 of 6).
network
low complexity
citrix CWE-78
8.8
8.8
2019-07-16 CVE-2019-12991 OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 5 of 6).
network
low complexity
citrix CWE-78
8.8
8.8
2019-07-16 CVE-2019-12990 Path Traversal vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal.
network
low complexity
citrix CWE-22
critical
 9.8
9.8
2019-07-16 CVE-2019-12989 SQL Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection.
network
low complexity
citrix CWE-89
critical
 9.8
9.8
2019-07-16 CVE-2019-12988 OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6).
network
low complexity
citrix CWE-78
critical
 9.8
9.8