Citrix Application_delivery_controller
27 CVEs affecting Citrix Application_delivery_controller. Latest disclosed: 2023-07-10. Critical: 4, High: 11.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-27518 | Critical | 9.8 | 2022-12-13 | Unauthenticated remote arbitrary code execution |
CVE-2022-27510 | Critical | 9.8 | 2022-11-08 | Unauthorized access to Gateway user capabilities |
CVE-2019-19781 | Critical | 9.8 | 2019-12-27 | An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal. |
CVE-2019-18225 | Critical | 9.8 | 2019-10-21 | An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9, 12.0 before build 62.1… |
CVE-2020-8247 | High | 8.8 | 2020-09-18 | Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix… |
CVE-2020-8197 | High | 8.8 | 2020-07-10 | Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low… |
CVE-2022-27513 | High | 8.3 | 2022-11-08 | Remote desktop takeover via phishing |
CVE-2021-22927 | High | 8.1 | 2021-08-05 | A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when configured SAML service provider that could allow an attacker to hijac… |
CVE-2022-27508 | High | 7.5 | 2023-01-26 | Unauthenticated denial of service |
CVE-2021-22956 | High | 7.5 | 2021-12-07 | An uncontrolled resource consumption vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 that could allow an attacker with access to NSI… |
CVE-2021-22955 | High | 7.5 | 2021-12-07 | A unauthenticated denial of service vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 when configured as a VPN (Gateway) or AAA virtua… |
CVE-2021-22919 | High | 7.5 | 2021-08-05 | A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN… |
CVE-2020-8246 | High | 7.5 | 2020-09-18 | Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix… |
CVE-2020-8190 | High | 7.5 | 2020-07-10 | Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege esca… |
CVE-2020-8187 | High | 7.5 | 2020-07-10 | Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service… |
CVE-2022-27507 | Medium | 6.5 | 2023-01-26 | Authenticated denial of service |
CVE-2019-18177 | Medium | 6.5 | 2022-12-26 | In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects Citri… |
CVE-2020-8300 | Medium | 6.5 | 2021-06-16 | Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS before 12.1-55.238 suffer from improper access contr… |
CVE-2020-8299 | Medium | 6.5 | 2021-06-16 | Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix SD-WAN WANOP Editio… |
CVE-2020-8194 | Medium | 6.5 | 2020-07-10 | Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP… |