CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-5314

Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition 9.3.0 allows remote attackers to execute a system command or read arbitrary files via an SSH login prompt.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.035

EPSS Ranking 87.0%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2018-5314

Citrix » Netscaler Application Delivery Controller » Version: 11.0

cpe:2.3:a:citrix:netscaler_application_delivery_controller:11.0
Citrix » Netscaler Application Delivery Controller » Version: 11.1

cpe:2.3:a:citrix:netscaler_application_delivery_controller:11.1
Citrix » Netscaler Application Delivery Controller » Version: 12.0

cpe:2.3:a:citrix:netscaler_application_delivery_controller:12.0
Citrix » Netscaler Gateway » Version: 11.0

cpe:2.3:a:citrix:netscaler_gateway:11.0
Citrix » Netscaler Gateway » Version: 11.1

cpe:2.3:a:citrix:netscaler_gateway:11.1
Citrix » Netscaler Gateway » Version: 12.0

cpe:2.3:a:citrix:netscaler_gateway:12.0
Citrix » Netscaler Sd-Wan » Version: 9.3.0

cpe:2.3:a:citrix:netscaler_sd-wan:9.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-5314

Products

Pricing

Contact Us