Computer Security
[EN] securityvulns.ru no-pyccku


Citrix NetScaler security vulnerabilities
Published:21.07.2014
Source:
SecurityVulns ID:13877
Type:remote
Threat Level:
5/10
Description:Information leak, XSS.
Affected:CITRIX : NetScaler 10.1
CVE:CVE-2014-4347 (Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain sensitive information via vectors related to a cookie.)
 CVE-2014-4346 (Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
Original documentdocumentSEC Consult Vulnerability Lab, SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway (21.07.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod