Information disclosure in Citrix Netscaler_application_delivery_controller_firmware

CVE-2015-7996

The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devi…

Vulnerability class: Information Disclosure

EPSS: 0.003 (53.0th percentile) — read the EPSS interpretation.

Affected products

Citrix Netscaler_application_delivery_controller_firmware — versions 10.1, 10.5
Citrix Netscaler_gateway_firmware — versions 10.1, 10.5
Citrix Netscaler_service_delivery_appliance_service_vm — versions 10.5e
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

1034167 (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)