8.8
CVE-2025-5349
- EPSS 0.86%
- Veröffentlicht 17.06.2025 12:32:24
- Zuletzt bearbeitet 06.08.2025 17:50:04
- Quelle secure@citrix.com
- CVE-Watchlists
- Unerledigt
NetScaler ADC and NetScaler Gateway - Improper access control on the NetScaler Management Interface
Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Citrix ≫ Netscaler Application Delivery Controller SwEditionfips Version >= 12.1 < 12.1-55.328
Citrix ≫ Netscaler Application Delivery Controller SwEditionfips Version >= 13.1 < 13.1-37.235
Citrix ≫ Netscaler Application Delivery Controller SwEditionndcpp Version >= 13.1 < 13.1-37.235
Citrix ≫ Netscaler Application Delivery Controller SwEdition- Version >= 13.1 < 13.1-58.32
Citrix ≫ Netscaler Application Delivery Controller SwEdition- Version >= 14.1 < 14.1-43.56
Citrix ≫ NetScaler Gateway Version >= 13.1 < 13.1-58.32
Citrix ≫ NetScaler Gateway Version >= 14.1 < 14.1-43.56
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.86% | 0.753 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| secure@citrix.com | 8.7 | 0 | 0 |
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-1284 Improper Validation of Specified Quantity in Input
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.