Vulnerability Details CVE-2019-12990
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.911
EPSS Ranking 99.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- http://www.securityfocus.com/bid/109133
- https://support.citrix.com/search?searchQuery=%2A&lang=en&sort=relevance&prod=&pver=&ct=Security+Bulletin
- https://www.tenable.com/security/research/tra-2019-31
- http://www.securityfocus.com/bid/109133
- https://support.citrix.com/search?searchQuery=%2A&lang=en&sort=relevance&prod=&pver=&ct=Security+Bulletin
- https://www.tenable.com/security/research/tra-2019-31
Products affected by CVE-2019-12990
-
cpe:2.3:a:citrix:netscaler_sd-wan:10.0.0
-
cpe:2.3:a:citrix:netscaler_sd-wan:10.0.1
-
cpe:2.3:a:citrix:netscaler_sd-wan:10.0.2
-
cpe:2.3:a:citrix:netscaler_sd-wan:10.0.3
-
cpe:2.3:a:citrix:netscaler_sd-wan:10.0.4
-
cpe:2.3:a:citrix:netscaler_sd-wan:10.0.5
-
cpe:2.3:a:citrix:netscaler_sd-wan:10.0.6
-
cpe:2.3:a:citrix:netscaler_sd-wan:10.0.7
-
cpe:2.3:a:citrix:sd-wan:10.2.0
-
cpe:2.3:a:citrix:sd-wan:10.2.1
-
cpe:2.3:a:citrix:sd-wan:10.2.2