Citrix: Security Vulnerabilities
Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-10-09
CVE-2019-13608
Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000) allows XXE attacks.
Known exploited
CVSS Score
7.5
EPSS Score
0.294
Published
2019-08-29
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal.
CVSS Score
9.8
EPSS Score
0.911
Published
2019-07-16
CVE-2019-12991
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 5 of 6).
Known exploited
CVSS Score
8.8
EPSS Score
0.867
Published
2019-07-16
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 6 of 6).
CVSS Score
8.8
EPSS Score
0.026
Published
2019-07-16
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6).
CVSS Score
9.8
EPSS Score
0.924
Published
2019-07-16
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6).
CVSS Score
9.8
EPSS Score
0.922
Published
2019-07-16
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6).
CVSS Score
9.8
EPSS Score
0.925
Published
2019-07-16
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6).
CVSS Score
9.8
EPSS Score
0.925
Published
2019-07-16
CVE-2019-12989
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection.
Known exploited
CVSS Score
9.8
EPSS Score
0.808
Published
2019-07-16