Citrix NetScaler SD-WAN 9.3.0 WAN Optimization Edition

CPE Details

Citrix NetScaler SD-WAN 9.3.0 WAN Optimization Edition
citrix
netscaler_sd-wan
9.3.0
2018-03-21
16h36 +00:00
2021-05-13
14h34 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:citrix:netscaler_sd-wan:9.3.0:*:*:*:wan_optimization:*:*:*

Informations

Vendor

citrix

Product

netscaler_sd-wan

Version

9.3.0

Software Edition

wan_optimization

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-11550 2019-05-08 14h09 +00:00 Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper Certificate Validation.
5.9
Medium
CVE-2018-17444 2018-10-23 19h00 +00:00 A Directory Traversal issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
7.5
High
CVE-2018-17445 2018-10-23 19h00 +00:00 A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
9.8
Critical
CVE-2018-17446 2018-10-23 19h00 +00:00 A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
9.8
Critical
CVE-2018-17447 2018-10-23 19h00 +00:00 An Information Exposure Through Log Files issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
7.5
High
CVE-2018-17448 2018-10-23 19h00 +00:00 An Incorrect Access Control issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
9.8
Critical
CVE-2018-5314 2018-03-01 16h00 +00:00 Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition 9.3.0 allows remote attackers to execute a system command or read arbitrary files via an SSH login prompt.
7.5
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.