Vulnerabilities > Citrix > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-13 | CVE-2022-27506 | Use of Hard-coded Credentials vulnerability in Citrix products Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI | 6.8 |
| 2021-12-07 | CVE-2021-22955 | Resource Exhaustion vulnerability in Citrix Application Delivery Controller Firmware and Gateway A unauthenticated denial of service vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 when configured as a VPN (Gateway) or AAA virtual server could allow an attacker to cause a temporary disruption of the Management GUI, Nitro API, and RPC communication. | 4.3 |
| 2021-12-07 | CVE-2021-22956 | Resource Exhaustion vulnerability in Citrix products An uncontrolled resource consumption vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 that could allow an attacker with access to NSIP or SNIP with management interface access to cause a temporary disruption of the Management GUI, Nitro API, and RPC communication. | 4.3 |
| 2021-08-16 | CVE-2021-22932 | Missing Encryption of Sensitive Data vulnerability in Citrix Sharefile Storagezones Controller An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller which causes the ShareFile file encryption option to become disabled if it had previously been enabled. | 5.0 |
| 2021-08-05 | CVE-2021-22919 | Allocation of Resources Without Limits or Throttling vulnerability in Citrix products A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. | 5.0 |
| 2021-08-05 | CVE-2021-22920 | Unspecified vulnerability in Citrix Application Delivery Management and Gateway A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. network citrix | 4.3 |
| 2021-08-05 | CVE-2021-22927 | Session Fixation vulnerability in Citrix products A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when configured SAML service provider that could allow an attacker to hijack a session. | 5.8 |
| 2021-06-16 | CVE-2020-8300 | Unspecified vulnerability in Citrix products Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS before 12.1-55.238 suffer from improper access control allowing SAML authentication hijack through a phishing attack to steal a valid user session. network citrix | 4.3 |
| 2021-06-16 | CVE-2021-22914 | Insecure Storage of Sensitive Information vulnerability in Citrix Cloud Connector Citrix Cloud Connector before 6.31.0.62192 suffers from insecure storage of sensitive information due to sensitive information being stored in the Citrix Cloud Connector installation log files. | 5.0 |
| 2021-01-06 | CVE-2020-8275 | Improper Privilege Management vulnerability in Citrix Secure Mail Citrix Secure Mail for Android before 20.11.0 suffers from improper access control allowing unauthenticated access to read limited calendar related data stored within Secure Mail. | 4.3 |