9.3
CVE-2010-4566
- EPSS 71.85%
- Published 14.01.2011 23:00:47
- Last modified 11.04.2025 00:51:21
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The web authentication form in the NT4 authentication component in Citrix Access Gateway Enterprise Edition 9.2-49.8 and earlier, and the NTLM authentication component in Access Gateway Standard and Advanced Editions before Access Gateway 5.0, allows attackers to execute arbitrary commands via shell metacharacters in the password field.
Data is provided by the National Vulnerability Database (NVD)
Citrix ≫ Access Gateway Editionenterprise Version <= 9.2-49.8
Citrix ≫ Access Gateway Version.8.0 Updatem50.3 Editionenterprise
Citrix ≫ Access Gateway Version8.0 Updatem48.7 Editionenterprise
Citrix ≫ Access Gateway Version8.0 Updatem49.2 Editionenterprise
Citrix ≫ Access Gateway Version8.0 Updatem59.1 Editionenterprise
Citrix ≫ Access Gateway Version8.1-69.4 Editionenterprise
Citrix ≫ Access Gateway Version9.0.71.3 Editionenterprise
Citrix ≫ Access Gateway Version9.1-104.5 Editionenterprise
Citrix ≫ Access Gateway Version4.5 Editionadvanced
Citrix ≫ Access Gateway Version4.5 Editionstandard
Citrix ≫ Access Gateway Version4.5 Updatehf1
Citrix ≫ Access Gateway Version4.5 Updatehf1 Editionadvanced
Citrix ≫ Access Gateway Version4.5.5 Editionstandard
Citrix ≫ Access Gateway Version4.5.6 Editionstandard
Citrix ≫ Access Gateway Version4.5.7 Editionstandard
Citrix ≫ Access Gateway Version4.6.1 Editionstandard
Citrix ≫ Access Gateway Version4.6.2 Editionstandard
Citrix ≫ Access Gateway Version4.6.3 Editionstandard
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 71.85% | 0.986 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|