7.5

CVE-2026-10817

Medienbericht

Insufficient input validation leading to memory overread

Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CitrixNetscaler Application Delivery Controller SwEditionfips Version < 13.1-37.272
CitrixNetscaler Application Delivery Controller SwEditionndcpp Version < 13.1-37.272
CitrixNetscaler Application Delivery Controller SwEdition- Version >= 13.1 < 13.1-63.18
CitrixNetscaler Application Delivery Controller SwEdition- Version >= 14.1 < 14.1-72.61
CitrixNetscaler Application Delivery Controller Version14.1-66.68 SwEditionfips
CitrixNetScaler Gateway Version >= 13.1 < 13.1-63.18
CitrixNetScaler Gateway Version >= 14.1 < 14.1-72.61
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.41% 0.329
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
50a63c94-1ea7-4568-8c11-eb79e7c5a2b5 6.9 0 0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
01.07.2026 11:28
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
01.07.2026 06:58
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604
Vendor Advisory