Vulnerability in Citrix Application_delivery_controller
CVE-2019-18225
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9, 12.0 before build 62.10, 12.1 before build 54.16, and 13.0 before build 41.28. An attacker with manage…
EPSS: 0.015 (71.2th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Citrix Application_delivery_controller
- Citrix Application_delivery_controller_firmware — versions 10.5, 11.1, 12.0
- Citrix Gateway
- Citrix Gateway_firmware — versions 13.0
- Citrix Netscaler_gateway
- Citrix Netscaler_gateway_firmware — versions 10.5, 11.1, 12.0
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2019-18225?
- CVE-2019-18225 is a critical-severity vulnerability in Citrix Application_delivery_controller. CVSS score: 9.8/10. Published 2019-10-21.
- How severe is CVE-2019-18225?
- Critical severity. CVSS v3 base score is 9.8 out of 10.