CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-22920

A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishing attack through a SAML authentication hijack to steal a valid user session.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.6%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

Products affected by CVE-2021-22920

Citrix » Application Delivery Management » Version: 12.1-62.25

cpe:2.3:a:citrix:application_delivery_management:12.1-62.25
Citrix » Application Delivery Management » Version: 13.0-82.42

cpe:2.3:a:citrix:application_delivery_management:13.0-82.42
Citrix » Gateway » Version: 12.1-62.25

cpe:2.3:a:citrix:gateway:12.1-62.25
Citrix » Gateway » Version: 13.0-82.42

cpe:2.3:a:citrix:gateway:13.0-82.42

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-22920

Products

Pricing

Contact Us