Vulnerability Details CVE-2015-5080
The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.1.132.8, 10.5 before Build 56.15, and 10.5.e before Build 56.1505.e allows remote authenticated users to execute arbitrary shell commands via shell metacharacters in the filter parameter to rapi/ipsec_logs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.0%
CVSS Severity
CVSS v2 Score 9.0
References
- http://security-assessment.com/files/documents/advisory/Citrix-Netscaler-Final.pdf
- http://support.citrix.com/article/CTX201149
- http://www.securityfocus.com/bid/75505
- http://www.securitytracker.com/id/1032762
- http://security-assessment.com/files/documents/advisory/Citrix-Netscaler-Final.pdf
- http://support.citrix.com/article/CTX201149
- http://www.securityfocus.com/bid/75505
- http://www.securitytracker.com/id/1032762
Products affected by CVE-2015-5080
-
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1
-
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.120.1316.e
-
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.121
-
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.122
-
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.123
-
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.124
-
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.125
-
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.126
-
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.127
-
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.128
-
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.129
-
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5
-
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5e
-
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.120.1316.e
-
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.121
-
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.122
-
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.123
-
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.124
-
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.125
-
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.126
-
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.127
-
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.128
-
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.129
-
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5
-
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5.50.10
-
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5.51.10
-
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5e