CVE-2016-2071
Published on: 02/17/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:15 PM UTC
Certain versions of Netscaler from Citrix contain the following vulnerability:
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, and 10.5.e before Build 59.1305.e allows remote attackers to gain privileges via unspecified NS Web GUI commands.
- CVE-2016-2071 has been assigned by [email protected] to track the vulnerability - currently rated as CRITICAL severity.
CVSS3 Score: 9.8 - CRITICAL
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
NETWORK | LOW | NONE | NONE |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 10 - HIGH
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | LOW | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
COMPLETE | COMPLETE | COMPLETE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
404 - Page not found | Vendor Advisory support.citrix.com text/html | CONFIRM support.citrix.com/article/CTX206001 |
Citrix NetScaler ADC and NetScaler Gateway Bugs Let Remote Users Conduct Clickjacking Attacks and Remote Authenticated Users Gain Elevated Privileges - SecurityTracker | www.securitytracker.com text/html | SECTRACK 1035098 |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Citrix | Netscaler | 10.5 | All | All | All |
Application | Citrix | Netscaler | 10.5e | All | All | All |
Application | Citrix | Netscaler | 11.0 | All | All | All |
Application | Citrix | Netscaler | 10.5 | All | All | All |
Application | Citrix | Netscaler | 10.5e | All | All | All |
Application | Citrix | Netscaler | 11.0 | All | All | All |
Hardware | Citrix | Netscaler Application Delivery Controller | - | All | All | All |
Hardware | Citrix | Netscaler Application Delivery Controller | - | All | All | All |
Hardware | Citrix | Netscaler Gateway | - | All | All | All |
Hardware | Citrix | Netscaler Gateway | - | All | All | All |
- cpe:2.3:a:citrix:netscaler:10.5:*:*:*:*:*:*:*:
- cpe:2.3:a:citrix:netscaler:10.5e:*:*:*:*:*:*:*:
- cpe:2.3:a:citrix:netscaler:11.0:*:*:*:*:*:*:*:
- cpe:2.3:a:citrix:netscaler:10.5:*:*:*:*:*:*:*:
- cpe:2.3:a:citrix:netscaler:10.5e:*:*:*:*:*:*:*:
- cpe:2.3:a:citrix:netscaler:11.0:*:*:*:*:*:*:*:
- cpe:2.3:h:citrix:netscaler_application_delivery_controller:-:*:*:*:*:*:*:*:
- cpe:2.3:h:citrix:netscaler_application_delivery_controller:-:*:*:*:*:*:*:*:
- cpe:2.3:h:citrix:netscaler_gateway:-:*:*:*:*:*:*:*:
- cpe:2.3:h:citrix:netscaler_gateway:-:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE