Improper input validation in Citrix Netscaler_application_delivery_controller

CVE-2013-6011

Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service (nsconfigd crash and appliance reboot) via a crafted request.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.006 (71.0th percentile) — read the EPSS interpretation.

Affected products

Citrix Netscaler_application_delivery_controller
Citrix Netscaler_application_delivery_controller_firmware — versions 10.0, 10.0.e
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
20131003 SEC Consult SA-20131003-0 :: Denial of service vulnerability in Citrix NetScaler (mailing-list, x_refsource_BUGTRAQ)