Citrix Luki w zabezpieczeniach

Oś czasu

Rodzaj

Connectivity Software	241
Network Management Software	88
Virtualization Software	22
Web Server	1

Produkt

Citrix Xen	35
Citrix Gateway	34
Citrix ADC	27
Citrix XenMobile Server	19
Citrix XenServer	19

Przeciwdziałanie

Official Fix	296
Temporary Fix	1
Workaround	5
Unavailable	10
Not Defined	40

Wykorzystywanie

High	17
Functional	2
Proof-of-Concept	61
Unproven	39
Not Defined	233

Wektor dostępu

Not Defined	0
Physical	2
Local	69
Adjacent	28
Network	253

Uwierzytelnianie

Not Defined	0
High	4
Low	99
None	249

Interakcja z użytkownikiem

Not Defined	0
Required	47
None	305

C3BM Index

CVSSv3 Base

≤1	0
≤2	1
≤3	3
≤4	24
≤5	36
≤6	89
≤7	73
≤8	57
≤9	34
≤10	35

CVSSv3 Temp

≤1	0
≤2	1
≤3	9
≤4	28
≤5	59
≤6	94
≤7	63
≤8	33
≤9	41
≤10	24

VulDB

≤1	0
≤2	1
≤3	4
≤4	25
≤5	46
≤6	91
≤7	58
≤8	80
≤9	13
≤10	34

NVD

≤1	0
≤2	0
≤3	0
≤4	1
≤5	5
≤6	14
≤7	19
≤8	32
≤9	13
≤10	33

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	1
≤7	0
≤8	0
≤9	1
≤10	2

Sprzedawca

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	0
<2k	2
<5k	32
<10k	122
<25k	144
<50k	47
<100k	4
≥100k	1

Wykorzystaj dzisiaj

<1k	291
<2k	19
<5k	23
<10k	14
<25k	5
<50k	0
<100k	0
≥100k	0

Wykorzystaj wielkość rynku

🔴 CTI Zajęcia

Affected Products (96): ADC (27), ADC Linux Client (1), ADM (2), Access Gateway (17), Access Gateway Plug-in (1), Access Gateway Plugin (1), AppDNA (1), Application Delivery Controller (4), Application Delivery Management (2), Broadcast Server (1), Citrix Presentation Server (1), Cloud Connector (1), CloudPlatform (4), CloudPortal Services Manager (8), CloudStack (1), Command Center (5), Deterministic Network Enhancer (1), Edgesight For Endpoints (1), Federated Authentication Service (1), Gateway (34), Gateway Linux Client (1), Gateway Plug-in (3), GoToMeeting (1), Hypervisor (3), ICA Client (2), ICA Client for Linux (1), License Server (1), License Server VPX (1), Licensing (1), Licensing Administration Console (1), Linux Virtual Delivery Agent (1), MetaFrame (8), MetaFrame Password Manager (1), MetaFrame Presentation Server (1), Metaframe (3), Metaframe Presentation Server (1), NFuse (2), NetScaler (8), NetScaler ADC (7), NetScaler Appliance (1), NetScaler Gateway (11), NetScaler SDX (1), Netscaler (14), Netscaler Access Gateway (1), Netscaler Application Delivery Controller (16), Netscaler Gateway (15), Netscaler SD-WAN (17), Netscaler VPX (1), Nfuse (4), Nfuse Webserver (1), Online Plug-in (2), Presentation Server (11), Presentation Server Client (1), Program Neighborhood Agent (2), Program Neighborhood Client (1), Provisioning Services (7), Receiver Desktop Lock (1), SD-WAN (15), SD-WAN Center (5), SD-WAN Center Management Console (1), SD-WAN Orchestrator for On-Premises (1), SD-WAN Premium Edition Appliance (2), SD-WAN Standard Edition Appliance (2), SD-WAN WANOP (5), SD-WAN WANOP Edition (2), SDWAN WAN-OP (6), Secure Gateway (2), Secure Mail (2), Server (1), ShareFile (4), ShareFile StorageZones (2), ShareFile Storage Zones Controller (2), ShareFile StorageZones Controller (3), StoreFront (1), Storefront Server (2), Studio (1), VDI-in-a-Box (2), Virtual Apps (4), Virtual Desktops (2), Web Interface (4), Workspace App (7), Worx Home (1), Xen (35), XenApp (7), XenCenterWeb (4), XenClient (1), XenDesktop (9), XenMobile (2), Xen Mobile (2), XenMobile Device Manager Server (1), XenMobile MDX Toolkit (1), XenMobile Server (19), XenServer (19), Zenprise Device Manager Server (1), iOS Receiver (1), program neighborhood client (1)

Link to Vendor Website: https://www.citrix.com/

Opublikowano	Base	Temp	Słaby punkt	Prod	Wyk	Prz	CTI	EPSS	CVE
2023-01-16	2.0	1.8	Citrix Workspace App ICA Session ctxwebhelper information disclosure	Connectivity Software	Proof-of-Concept	Workaround	0.07	0.00000
2022-12-27	5.4	5.3	Citrix ADC/Gateway SSL VPN Endpoint information disclosure	Connectivity Software	Not Defined	Official Fix	0.03	0.00885	CVE-2019-18177
2022-12-13	9.8	9.6	Citrix ADC/Gateway Remote Code Execution	Connectivity Software	Not Defined	Official Fix	0.04	0.01156	CVE-2022-27518
2022-11-09	8.5	8.4	Citrix Gateway/ADC VPN weak authentication	Connectivity Software	Not Defined	Official Fix	0.00	0.00885	CVE-2022-27510
2022-11-09	6.3	6.2	Citrix Gateway/ADC VPN/AAA Virtual Server information disclosure	Connectivity Software	Not Defined	Official Fix	0.00	0.00885	CVE-2022-27516
2022-11-09	8.7	8.5	Citrix Gateway/ADC VPN weak authentication	Connectivity Software	Not Defined	Official Fix	0.06	0.00885	CVE-2022-27513
2022-07-29	6.2	6.0	Citrix ADC/Gateway Redirect	Connectivity Software	Not Defined	Official Fix	0.00	0.00885	CVE-2022-27509
2022-06-15	3.5	3.4	Citrix ADM License Service denial of service	Connectivity Software	Not Defined	Official Fix	0.04	0.00885	CVE-2022-27512
2022-06-15	7.3	7.0	Citrix ADM Admin Password privilege escalation	Connectivity Software	Not Defined	Official Fix	0.06	0.01055	CVE-2022-27511
2022-05-26	8.8	8.4	Citrix Gateway Plug-in privilege escalation	Connectivity Software	Not Defined	Official Fix	0.06	0.00885	CVE-2022-21827
2022-05-26	5.3	5.1	Citrix ADC/Gateway VPN Gateway/AAA Virtual Server denial of service	Connectivity Software	Not Defined	Official Fix	0.03	0.00885	CVE-2022-27508
2022-05-26	4.3	4.1	Citrix ADC/Gateway VPN Gateway denial of service	Connectivity Software	Not Defined	Official Fix	0.06	0.00885	CVE-2022-27507
2022-04-19	6.3	6.0	Citrix XenMobile Server Create Support Bundle directory traversal	Connectivity Software	Not Defined	Official Fix	0.00	0.04571	CVE-2021-44519
2022-04-14	3.5	3.4	Citrix StoreFront SAML Authentication cross site scripting	Connectivity Software	Not Defined	Official Fix	0.11	0.00885	CVE-2022-27503
2022-04-14	3.5	3.4	Citrix SD-WAN Standard Edition Appliance cross site scripting	Network Management Software	Not Defined	Official Fix	0.03	0.00885	CVE-2022-27505
2022-04-14	6.8	6.5	Citrix SD-WAN Center Management Console CLI weak authentication	Network Management Software	Not Defined	Official Fix	0.03	0.00885	CVE-2022-27506
2022-04-13	5.5	5.5	Citrix XenMobile Server privilege escalation	Connectivity Software	Not Defined	Not Defined	0.00	0.02066	CVE-2022-26151
2022-04-13	8.8	8.8	Citrix XenMobile privilege escalation	Connectivity Software	Not Defined	Not Defined	0.06	0.04571	CVE-2021-44520
2022-03-10	3.5	3.5	Citrix Federated Authentication Service information disclosure	Connectivity Software	Not Defined	Not Defined	0.04	0.00885	CVE-2022-26355
2022-02-10	6.3	6.3	Citrix Workspace App App Protection privilege escalation	Connectivity Software	Not Defined	Not Defined	0.08	0.00885	CVE-2022-21825
2021-11-10	3.1	3.0	Citrix ADC/Gateway/SD-WAN WANOP Edition NSIP/SNIP denial of service	Network Management Software	Not Defined	Official Fix	0.05	0.00885	CVE-2021-22956
2021-11-10	5.3	5.1	Citrix ADC/Gateway VPN Gateway/AAA Virtual Server denial of service	Connectivity Software	Not Defined	Official Fix	0.05	0.00885	CVE-2021-22955
2021-09-24	7.3	7.0	Citrix ShareFile Storage Zones Controller privilege escalation	Connectivity Software	Not Defined	Official Fix	0.01	0.00885	CVE-2021-22941
2021-08-17	2.6	2.6	Citrix ShareFile Storage Zones Controller Mitigation Tool weak encryption	Connectivity Software	Not Defined	Not Defined	0.05	0.00885	CVE-2021-22932
2021-08-06	4.3	4.3	Citrix ADC/Gateway SAML Service Provider weak authentication	Connectivity Software	Not Defined	Not Defined	0.05	0.00885	CVE-2021-22927

327 więcej wpisów nie jest pokazywanych

🔒 Login Required

You need to signup and login to see more of the remaining 327 results.

◂ PoprzedniPrzeglądKolejny ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!