Vulnerability Details CVE-2024-2049
Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.1%
CVSS Severity
CVSS v3 Score 6.5
References
- https://support.citrix.com/article/CTX617071/citrix-sdwan-security-bulletin-for-cve20242049
- https://support.citrix.com/external/article?articleUrl=CTX617071-citrix-sdwan-security-bulletin-for-cve20242049&language=en_US
- https://support.citrix.com/article/CTX617071/citrix-sdwan-security-bulletin-for-cve20242049
Products affected by CVE-2024-2049
-
cpe:2.3:h:citrix:sd-wan_1000:-
-
cpe:2.3:h:citrix:sd-wan_1100:-
-
cpe:2.3:h:citrix:sd-wan_110:-
-
cpe:2.3:h:citrix:sd-wan_2000:-
-
cpe:2.3:h:citrix:sd-wan_2100:-
-
cpe:2.3:h:citrix:sd-wan_210:-
-
cpe:2.3:h:citrix:sd-wan_4000:-
-
cpe:2.3:h:citrix:sd-wan_400:-
-
cpe:2.3:h:citrix:sd-wan_4100:-
-
cpe:2.3:h:citrix:sd-wan_410:-
-
cpe:2.3:h:citrix:sd-wan_5100:-
-
cpe:2.3:h:citrix:sd-wan_6100:-
-
cpe:2.3:o:citrix:sd-wan_1000_firmware:11.4.0
-
cpe:2.3:o:citrix:sd-wan_1000_firmware:11.4.1
-
cpe:2.3:o:citrix:sd-wan_1100_firmware:11.4.0
-
cpe:2.3:o:citrix:sd-wan_1100_firmware:11.4.1
-
cpe:2.3:o:citrix:sd-wan_110_firmware:11.4.0
-
cpe:2.3:o:citrix:sd-wan_110_firmware:11.4.1
-
cpe:2.3:o:citrix:sd-wan_2000_firmware:11.4.0
-
cpe:2.3:o:citrix:sd-wan_2000_firmware:11.4.1
-
cpe:2.3:o:citrix:sd-wan_2100_firmware:11.4.0
-
cpe:2.3:o:citrix:sd-wan_2100_firmware:11.4.1
-
cpe:2.3:o:citrix:sd-wan_210_firmware:11.4.0
-
cpe:2.3:o:citrix:sd-wan_210_firmware:11.4.1
-
cpe:2.3:o:citrix:sd-wan_4000_firmware:11.4.0
-
cpe:2.3:o:citrix:sd-wan_4000_firmware:11.4.1
-
cpe:2.3:o:citrix:sd-wan_400_firmware:11.4.0
-
cpe:2.3:o:citrix:sd-wan_400_firmware:11.4.1
-
cpe:2.3:o:citrix:sd-wan_4100_firmware:11.4.0
-
cpe:2.3:o:citrix:sd-wan_4100_firmware:11.4.1
-
cpe:2.3:o:citrix:sd-wan_410_firmware:11.4.0
-
cpe:2.3:o:citrix:sd-wan_410_firmware:11.4.1
-
cpe:2.3:o:citrix:sd-wan_5100_firmware:11.4.0
-
cpe:2.3:o:citrix:sd-wan_5100_firmware:11.4.1
-
cpe:2.3:o:citrix:sd-wan_6100_firmware:11.4.0
-
cpe:2.3:o:citrix:sd-wan_6100_firmware:11.4.1