Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
6 vulnerabilities by NetSclaer
CVE-2024-8534 (GCVE-0-2024-8534)
Vulnerability from nvd – Published: 2024-11-12 18:15 – Updated: 2024-11-21 16:19
VLAI
Title
Memory safety vulnerability leading to memory corruption and Denial of Service
Summary
Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver) OR the appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
1 reference
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| NetSclaer | NetScaler ADC |
Affected:
14.1 , < 29.72
(patch)
Affected: 13.1 , < 55.34 (patch) Affected: 13.1-FIPS , < 37.207 (patch) Affected: 12.1-FIPS , < 55.321 (patch) Affected: 12.1-NDcPP , < 55.321 (patch) |
|
| NetScaler | NetScaler Gateway |
Affected:
14.1 , < 29.72
(patch)
Affected: 13.1 , < 55.34 (patch) Affected: 13.1-FIPS , < 37.207 (patch) Affected: 12.1-FIPS , < 55.321 (patch) Affected: 12.1-NDcPP , < 55.321 (patch) |
|
| netscaler | adc |
Affected:
14.1 , < 14.1-29.72
(custom)
cpe:2.3:a:netscaler:adc:*:*:*:*:*:*:*:* |
|
| netscaler | gateway |
Affected:
14.1 , < 14.1-29.72
(custom)
cpe:2.3:a:netscaler:gateway:*:*:*:*:*:*:*:* |
|
| netscaler | adc |
Affected:
13.1 , < 13.1-55.34
(custom)
cpe:2.3:a:netscaler:adc:*:*:*:*:*:*:*:* |
|
| netscaler | netscaler-adc_13.1-fips |
Affected:
13.1 , < 13.1-37.207
(custom)
cpe:2.3:a:netscaler:netscaler-adc_13.1-fips:*:*:*:*:*:*:*:* |
|
| netscaler | netscaler-adc_12.1-fips |
Affected:
12.1 , < 12.1-55.321
(custom)
cpe:2.3:a:netscaler:netscaler-adc_12.1-fips:12.1:*:*:*:*:*:*:* |
|
| netscaler | netscaler-adc_12.1-ndcpp |
Affected:
12.1 , < 12.1-55.321
(custom)
cpe:2.3:a:netscaler:netscaler-adc_12.1-ndcpp:12.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:netscaler:adc:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "adc",
"vendor": "netscaler",
"versions": [
{
"lessThan": "14.1-29.72",
"status": "affected",
"version": "14.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:gateway:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gateway",
"vendor": "netscaler",
"versions": [
{
"lessThan": "14.1-29.72",
"status": "affected",
"version": "14.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:adc:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "adc",
"vendor": "netscaler",
"versions": [
{
"lessThan": "13.1-55.34",
"status": "affected",
"version": "13.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:netscaler-adc_13.1-fips:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "netscaler-adc_13.1-fips",
"vendor": "netscaler",
"versions": [
{
"lessThan": "13.1-37.207",
"status": "affected",
"version": "13.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:netscaler-adc_12.1-fips:12.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "netscaler-adc_12.1-fips",
"vendor": "netscaler",
"versions": [
{
"lessThan": "12.1-55.321",
"status": "affected",
"version": "12.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:netscaler-adc_12.1-ndcpp:12.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "netscaler-adc_12.1-ndcpp",
"vendor": "netscaler",
"versions": [
{
"lessThan": "12.1-55.321",
"status": "affected",
"version": "12.1",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8534",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T14:38:35.887321Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T16:19:44.438Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NetScaler ADC",
"vendor": "NetSclaer",
"versions": [
{
"lessThan": "29.72",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "55.34",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "37.207",
"status": "affected",
"version": "13.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-NDcPP",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NetScaler Gateway",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "29.72",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "55.34",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "37.207",
"status": "affected",
"version": "13.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-NDcPP",
"versionType": "patch"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMemory safety vulnerability leading to memory corruption and Denial of Service\u0026nbsp;\u003c/span\u003ein NetScaler ADC and Gateway if t\u003cspan style=\"background-color: var(--wht);\"\u003ehe appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR t\u003c/strong\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ehe appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver)\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR t\u003c/strong\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ehe appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled\u003c/span\u003e\u003cstrong\u003e\u003cbr\u003e\u003c/strong\u003e\u003cbr\u003e"
}
],
"value": "Memory safety vulnerability leading to memory corruption and Denial of Service\u00a0in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled\u00a0OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver)\u00a0OR the appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T18:15:44.673Z",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"url": "https://support.citrix.com/s/article/CTX691608-netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20248534-and-cve20248535?language=en_US"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Memory safety vulnerability leading to memory corruption and Denial of Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2024-8534",
"datePublished": "2024-11-12T18:15:44.673Z",
"dateReserved": "2024-09-06T17:18:25.789Z",
"dateUpdated": "2024-11-21T16:19:44.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6236 (GCVE-0-2024-6236)
Vulnerability from nvd – Published: 2024-07-10 20:18 – Updated: 2025-08-27 20:42
VLAI
Title
Denial of Service
Summary
Denial of Service in NetScaler Console (formerly NetScaler ADM), NetScaler Agent, and NetScaler SDX
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| NetSclaer | NetScaler Console |
Affected:
14.1 , < 25.53
(patch)
Affected: 13.1 , < 52.25 (patch) Affected: 13.0 , < 92.31 (patch) |
|
| NetScaler | Agent |
Affected:
14.1 , < 25.53
(patch)
Affected: 13.1 , < 52.25 (patch) Affected: 13.0 , < 92.31 (patch) |
|
| NetScaler | SDX |
Affected:
14.1 , < 25.53
(patch)
Affected: 13.1 , < 52.25 (patch) Affected: 13.0 , < 92.31 (patch) |
|
| netscaler | netscaler_console |
Affected:
14.1 , < 25.53
(custom)
Affected: 13.1 , < 52.25 (custom) Affected: 13.0 , < 92.31 (custom) cpe:2.3:a:netscaler:netscaler_console:*:*:*:*:*:*:*:* |
|
| netscaler | agent |
Affected:
14.1 , < 25.53
(custom)
Affected: 13.1 , < 52.25 (custom) Affected: 13.0 , < 92.31 (custom) cpe:2.3:a:netscaler:agent:*:*:*:*:*:*:*:* |
|
| netscaler | sdx |
Affected:
14.1 , < 25.53
(custom)
Affected: 13.1 , < 52.25 (custom) Affected: 13.0 , < 92.31 (custom) cpe:2.3:a:netscaler:sdx:*:*:*:*:*:*:*:* |
Date Public
2024-07-09 20:12
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:netscaler:netscaler_console:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "netscaler_console",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:netscaler_console:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "netscaler_console",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:netscaler_console:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "netscaler_console",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:agent:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "agent",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:agent:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "agent",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:agent:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "agent",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:sdx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "sdx",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:sdx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "sdx",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:sdx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "sdx",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6236",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T17:23:21.359193Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T20:42:59.832Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:33:05.284Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX677998"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NetScaler Console",
"vendor": "NetSclaer",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Agent",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDX",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "patch"
}
]
}
],
"datePublic": "2024-07-09T20:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cb\u003e\u003cspan style=\"background-color: transparent;\"\u003eDenial of Service \u003c/span\u003e\u003c/b\u003e in\u0026nbsp;\u003cb\u003e\u003cspan style=\"background-color: transparent;\"\u003eNetScaler Console (formerly NetScaler ADM), NetScaler Agent, and NetScaler SDX\u003c/span\u003e\u003c/b\u003e\u003cbr\u003e"
}
],
"value": "Denial of Service in\u00a0NetScaler Console (formerly NetScaler ADM), NetScaler Agent, and NetScaler SDX"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T20:18:04.274Z",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"url": "https://support.citrix.com/article/CTX677998"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Denial of Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2024-6236",
"datePublished": "2024-07-10T20:18:04.274Z",
"dateReserved": "2024-06-21T01:16:39.466Z",
"dateUpdated": "2025-08-27T20:42:59.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5492 (GCVE-0-2024-5492)
Vulnerability from nvd – Published: 2024-07-10 19:04 – Updated: 2024-08-01 21:11
VLAI
Title
Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites
Summary
Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites in NetScaler ADC and NetScaler Gateway
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| NetSclaer | NetScaler ADC |
Affected:
14.1 , < 25.53
(patch)
Affected: 13.1 , < 53.17 (patch) Affected: 13.0 , < 92.13 (patch) Affected: 13.1-FIPS , < 37.183 (patch) Affected: 12.1-FIPS , < 55.304 (patch) Affected: 12.1-NDcPP , < 55.304 (patch) |
|
| citrix | netscaler_application_delivery_controller |
Affected:
14.1 , < 14.1-25.53
(custom)
Affected: 13.1 , < 13.1-53.17 (custom) Affected: 13.0 , < 13.0-92.31 (custom) Affected: 13.1-FIPS , < 13.1-37.183 (custom) Affected: 12.1-FIPS , < 12.1-55.304 (custom) Affected: 12.1-NDcPP , < 12.1-55.304 (custom) cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:*:*:*:* |
|
| citrix | netscaler_gateway |
Affected:
14.1 , < 14.1-25.53
(custom)
Affected: 13.1 , < 13.1-53.17 (custom) Affected: 13.0 , < 13.0-92.31 (custom) cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "netscaler_application_delivery_controller",
"vendor": "citrix",
"versions": [
{
"lessThan": "14.1-25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "13.1-53.17",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "13.0-92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
},
{
"lessThan": "13.1-37.183",
"status": "affected",
"version": "13.1-FIPS",
"versionType": "custom"
},
{
"lessThan": "12.1-55.304",
"status": "affected",
"version": "12.1-FIPS",
"versionType": "custom"
},
{
"lessThan": "12.1-55.304",
"status": "affected",
"version": "12.1-NDcPP",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "netscaler_gateway",
"vendor": "citrix",
"versions": [
{
"lessThan": "14.1-25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "13.1-53.17",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "13.0-92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5492",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-12T20:06:46.037235Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T20:15:15.431Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:11:12.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX677944/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20245491-and-cve20245492"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NetScaler ADC",
"vendor": "NetSclaer",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "53.17",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "92.13",
"status": "affected",
"version": "13.0",
"versionType": "patch"
},
{
"lessThan": "37.183",
"status": "affected",
"version": "13.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.304",
"status": "affected",
"version": "12.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.304",
"status": "affected",
"version": "12.1-NDcPP",
"versionType": "patch"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eOpen redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites\u003c/span\u003e\u0026nbsp;in \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler ADC and NetScaler Gateway \u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites\u00a0in NetScaler ADC and NetScaler Gateway"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T19:04:40.775Z",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"url": "https://support.citrix.com/article/CTX677944/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20245491-and-cve20245492"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2024-5492",
"datePublished": "2024-07-10T19:04:40.775Z",
"dateReserved": "2024-05-29T20:16:36.573Z",
"dateUpdated": "2024-08-01T21:11:12.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8534 (GCVE-0-2024-8534)
Vulnerability from cvelistv5 – Published: 2024-11-12 18:15 – Updated: 2024-11-21 16:19
VLAI
Title
Memory safety vulnerability leading to memory corruption and Denial of Service
Summary
Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver) OR the appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
1 reference
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| NetSclaer | NetScaler ADC |
Affected:
14.1 , < 29.72
(patch)
Affected: 13.1 , < 55.34 (patch) Affected: 13.1-FIPS , < 37.207 (patch) Affected: 12.1-FIPS , < 55.321 (patch) Affected: 12.1-NDcPP , < 55.321 (patch) |
|
| NetScaler | NetScaler Gateway |
Affected:
14.1 , < 29.72
(patch)
Affected: 13.1 , < 55.34 (patch) Affected: 13.1-FIPS , < 37.207 (patch) Affected: 12.1-FIPS , < 55.321 (patch) Affected: 12.1-NDcPP , < 55.321 (patch) |
|
| netscaler | adc |
Affected:
14.1 , < 14.1-29.72
(custom)
cpe:2.3:a:netscaler:adc:*:*:*:*:*:*:*:* |
|
| netscaler | gateway |
Affected:
14.1 , < 14.1-29.72
(custom)
cpe:2.3:a:netscaler:gateway:*:*:*:*:*:*:*:* |
|
| netscaler | adc |
Affected:
13.1 , < 13.1-55.34
(custom)
cpe:2.3:a:netscaler:adc:*:*:*:*:*:*:*:* |
|
| netscaler | netscaler-adc_13.1-fips |
Affected:
13.1 , < 13.1-37.207
(custom)
cpe:2.3:a:netscaler:netscaler-adc_13.1-fips:*:*:*:*:*:*:*:* |
|
| netscaler | netscaler-adc_12.1-fips |
Affected:
12.1 , < 12.1-55.321
(custom)
cpe:2.3:a:netscaler:netscaler-adc_12.1-fips:12.1:*:*:*:*:*:*:* |
|
| netscaler | netscaler-adc_12.1-ndcpp |
Affected:
12.1 , < 12.1-55.321
(custom)
cpe:2.3:a:netscaler:netscaler-adc_12.1-ndcpp:12.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:netscaler:adc:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "adc",
"vendor": "netscaler",
"versions": [
{
"lessThan": "14.1-29.72",
"status": "affected",
"version": "14.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:gateway:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gateway",
"vendor": "netscaler",
"versions": [
{
"lessThan": "14.1-29.72",
"status": "affected",
"version": "14.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:adc:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "adc",
"vendor": "netscaler",
"versions": [
{
"lessThan": "13.1-55.34",
"status": "affected",
"version": "13.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:netscaler-adc_13.1-fips:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "netscaler-adc_13.1-fips",
"vendor": "netscaler",
"versions": [
{
"lessThan": "13.1-37.207",
"status": "affected",
"version": "13.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:netscaler-adc_12.1-fips:12.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "netscaler-adc_12.1-fips",
"vendor": "netscaler",
"versions": [
{
"lessThan": "12.1-55.321",
"status": "affected",
"version": "12.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:netscaler-adc_12.1-ndcpp:12.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "netscaler-adc_12.1-ndcpp",
"vendor": "netscaler",
"versions": [
{
"lessThan": "12.1-55.321",
"status": "affected",
"version": "12.1",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8534",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T14:38:35.887321Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T16:19:44.438Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NetScaler ADC",
"vendor": "NetSclaer",
"versions": [
{
"lessThan": "29.72",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "55.34",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "37.207",
"status": "affected",
"version": "13.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-NDcPP",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NetScaler Gateway",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "29.72",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "55.34",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "37.207",
"status": "affected",
"version": "13.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.321",
"status": "affected",
"version": "12.1-NDcPP",
"versionType": "patch"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMemory safety vulnerability leading to memory corruption and Denial of Service\u0026nbsp;\u003c/span\u003ein NetScaler ADC and Gateway if t\u003cspan style=\"background-color: var(--wht);\"\u003ehe appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR t\u003c/strong\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ehe appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver)\u0026nbsp;\u003c/span\u003e\u003cstrong\u003eOR t\u003c/strong\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ehe appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled\u003c/span\u003e\u003cstrong\u003e\u003cbr\u003e\u003c/strong\u003e\u003cbr\u003e"
}
],
"value": "Memory safety vulnerability leading to memory corruption and Denial of Service\u00a0in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled\u00a0OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver)\u00a0OR the appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T18:15:44.673Z",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"url": "https://support.citrix.com/s/article/CTX691608-netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20248534-and-cve20248535?language=en_US"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Memory safety vulnerability leading to memory corruption and Denial of Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2024-8534",
"datePublished": "2024-11-12T18:15:44.673Z",
"dateReserved": "2024-09-06T17:18:25.789Z",
"dateUpdated": "2024-11-21T16:19:44.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6236 (GCVE-0-2024-6236)
Vulnerability from cvelistv5 – Published: 2024-07-10 20:18 – Updated: 2025-08-27 20:42
VLAI
Title
Denial of Service
Summary
Denial of Service in NetScaler Console (formerly NetScaler ADM), NetScaler Agent, and NetScaler SDX
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| NetSclaer | NetScaler Console |
Affected:
14.1 , < 25.53
(patch)
Affected: 13.1 , < 52.25 (patch) Affected: 13.0 , < 92.31 (patch) |
|
| NetScaler | Agent |
Affected:
14.1 , < 25.53
(patch)
Affected: 13.1 , < 52.25 (patch) Affected: 13.0 , < 92.31 (patch) |
|
| NetScaler | SDX |
Affected:
14.1 , < 25.53
(patch)
Affected: 13.1 , < 52.25 (patch) Affected: 13.0 , < 92.31 (patch) |
|
| netscaler | netscaler_console |
Affected:
14.1 , < 25.53
(custom)
Affected: 13.1 , < 52.25 (custom) Affected: 13.0 , < 92.31 (custom) cpe:2.3:a:netscaler:netscaler_console:*:*:*:*:*:*:*:* |
|
| netscaler | agent |
Affected:
14.1 , < 25.53
(custom)
Affected: 13.1 , < 52.25 (custom) Affected: 13.0 , < 92.31 (custom) cpe:2.3:a:netscaler:agent:*:*:*:*:*:*:*:* |
|
| netscaler | sdx |
Affected:
14.1 , < 25.53
(custom)
Affected: 13.1 , < 52.25 (custom) Affected: 13.0 , < 92.31 (custom) cpe:2.3:a:netscaler:sdx:*:*:*:*:*:*:*:* |
Date Public
2024-07-09 20:12
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:netscaler:netscaler_console:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "netscaler_console",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:netscaler_console:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "netscaler_console",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:netscaler_console:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "netscaler_console",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:agent:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "agent",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:agent:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "agent",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:agent:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "agent",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:sdx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "sdx",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:sdx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "sdx",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscaler:sdx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "sdx",
"vendor": "netscaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6236",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T17:23:21.359193Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T20:42:59.832Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:33:05.284Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX677998"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NetScaler Console",
"vendor": "NetSclaer",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Agent",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDX",
"vendor": "NetScaler",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "52.25",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "92.31",
"status": "affected",
"version": "13.0",
"versionType": "patch"
}
]
}
],
"datePublic": "2024-07-09T20:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cb\u003e\u003cspan style=\"background-color: transparent;\"\u003eDenial of Service \u003c/span\u003e\u003c/b\u003e in\u0026nbsp;\u003cb\u003e\u003cspan style=\"background-color: transparent;\"\u003eNetScaler Console (formerly NetScaler ADM), NetScaler Agent, and NetScaler SDX\u003c/span\u003e\u003c/b\u003e\u003cbr\u003e"
}
],
"value": "Denial of Service in\u00a0NetScaler Console (formerly NetScaler ADM), NetScaler Agent, and NetScaler SDX"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T20:18:04.274Z",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"url": "https://support.citrix.com/article/CTX677998"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Denial of Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2024-6236",
"datePublished": "2024-07-10T20:18:04.274Z",
"dateReserved": "2024-06-21T01:16:39.466Z",
"dateUpdated": "2025-08-27T20:42:59.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5492 (GCVE-0-2024-5492)
Vulnerability from cvelistv5 – Published: 2024-07-10 19:04 – Updated: 2024-08-01 21:11
VLAI
Title
Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites
Summary
Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites in NetScaler ADC and NetScaler Gateway
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| NetSclaer | NetScaler ADC |
Affected:
14.1 , < 25.53
(patch)
Affected: 13.1 , < 53.17 (patch) Affected: 13.0 , < 92.13 (patch) Affected: 13.1-FIPS , < 37.183 (patch) Affected: 12.1-FIPS , < 55.304 (patch) Affected: 12.1-NDcPP , < 55.304 (patch) |
|
| citrix | netscaler_application_delivery_controller |
Affected:
14.1 , < 14.1-25.53
(custom)
Affected: 13.1 , < 13.1-53.17 (custom) Affected: 13.0 , < 13.0-92.31 (custom) Affected: 13.1-FIPS , < 13.1-37.183 (custom) Affected: 12.1-FIPS , < 12.1-55.304 (custom) Affected: 12.1-NDcPP , < 12.1-55.304 (custom) cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:*:*:*:* |
|
| citrix | netscaler_gateway |
Affected:
14.1 , < 14.1-25.53
(custom)
Affected: 13.1 , < 13.1-53.17 (custom) Affected: 13.0 , < 13.0-92.31 (custom) cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "netscaler_application_delivery_controller",
"vendor": "citrix",
"versions": [
{
"lessThan": "14.1-25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "13.1-53.17",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "13.0-92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
},
{
"lessThan": "13.1-37.183",
"status": "affected",
"version": "13.1-FIPS",
"versionType": "custom"
},
{
"lessThan": "12.1-55.304",
"status": "affected",
"version": "12.1-FIPS",
"versionType": "custom"
},
{
"lessThan": "12.1-55.304",
"status": "affected",
"version": "12.1-NDcPP",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "netscaler_gateway",
"vendor": "citrix",
"versions": [
{
"lessThan": "14.1-25.53",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "13.1-53.17",
"status": "affected",
"version": "13.1",
"versionType": "custom"
},
{
"lessThan": "13.0-92.31",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5492",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-12T20:06:46.037235Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T20:15:15.431Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:11:12.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX677944/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20245491-and-cve20245492"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NetScaler ADC",
"vendor": "NetSclaer",
"versions": [
{
"lessThan": "25.53",
"status": "affected",
"version": "14.1",
"versionType": "patch"
},
{
"lessThan": "53.17",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "92.13",
"status": "affected",
"version": "13.0",
"versionType": "patch"
},
{
"lessThan": "37.183",
"status": "affected",
"version": "13.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.304",
"status": "affected",
"version": "12.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.304",
"status": "affected",
"version": "12.1-NDcPP",
"versionType": "patch"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eOpen redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites\u003c/span\u003e\u0026nbsp;in \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNetScaler ADC and NetScaler Gateway \u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites\u00a0in NetScaler ADC and NetScaler Gateway"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T19:04:40.775Z",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"url": "https://support.citrix.com/article/CTX677944/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20245491-and-cve20245492"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2024-5492",
"datePublished": "2024-07-10T19:04:40.775Z",
"dateReserved": "2024-05-29T20:16:36.573Z",
"dateUpdated": "2024-08-01T21:11:12.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}