cvelistv5 - cve-2013-2767

CVE-2013-2767 (GCVE-0-2013-2767)

Vulnerability from cvelistv5 – Published: 2013-04-25 20:00 – Updated: 2024-09-17 00:26

Summary

Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://support.citrix.com/article/ctx137238	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/521612	third-party-advisoryx_refsource_CERT-VN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:44:33.642Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.citrix.com/article/ctx137238"
          },
          {
            "name": "VU#521612",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/521612"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-04-25T20:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.citrix.com/article/ctx137238"
        },
        {
          "name": "VU#521612",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/521612"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-2767",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.citrix.com/article/ctx137238",
              "refsource": "CONFIRM",
              "url": "http://support.citrix.com/article/ctx137238"
            },
            {
              "name": "VU#521612",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/521612"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-2767",
    "datePublished": "2013-04-25T20:00:00Z",
    "dateReserved": "2013-04-07T00:00:00Z",
    "dateUpdated": "2024-09-17T00:26:32.289Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:citrix:netscaler_access_gateway_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"9.3.61.5\", \"matchCriteriaId\": \"7D951535-13E6-4CAF-8D8A-43A2E68D1C5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4540051A-52DA-43D7-B0F4-C0EED00209FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"801E1382-88D5-4526-A301-31400A490FD3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45706C36-AB39-46A8-9E60-CB4D41ABD3E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.3:agee_common_criteria_build:*:*:*:*:*:*\", \"matchCriteriaId\": \"4F192110-9E33-42EF-9BBF-C94A034DE5D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:citrix:netscaler_access_gateway_firmware:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53D2B7EB-9044-41BD-BF6B-4D31D71F9384\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:citrix:netscaler_access_gateway_firmware:10.0.74.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"161CFE7D-57CE-4D44-98CF-2E3631AEDD2B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:citrix:netscaler_access_gateway:-:-:enterprise:*:*:*:*:*\", \"matchCriteriaId\": \"4D5D5DFC-F456-4085-BE20-13BD38301B04\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad no especificada en Citrix NetScaler Access Gateway Enterprise Edition (AGEE)  antes de v9.3.62.4 y v10.x hasta v10.0.74.4 y NetScaler AGEE Common Criteria antes de v9.3.53.6, permite a atacantes remotos evitar las restricciones de acceso a la intranet destinados a trav\\u00e9s de vectores desconocidos.\"}]",
      "id": "CVE-2013-2767",
      "lastModified": "2024-11-21T01:52:20.170",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:N/C:C/I:N/A:N\", \"baseScore\": 5.4, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 4.9, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-04-25T20:55:10.003",
      "references": "[{\"url\": \"http://support.citrix.com/article/ctx137238\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/521612\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://support.citrix.com/article/ctx137238\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/521612\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-2767\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2013-04-25T20:55:10.003\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en Citrix NetScaler Access Gateway Enterprise Edition (AGEE)  antes de v9.3.62.4 y v10.x hasta v10.0.74.4 y NetScaler AGEE Common Criteria antes de v9.3.53.6, permite a atacantes remotos evitar las restricciones de acceso a la intranet destinados a trav\u00e9s de vectores desconocidos.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:C/I:N/A:N\",\"baseScore\":5.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":4.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_access_gateway_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"9.3.61.5\",\"matchCriteriaId\":\"7D951535-13E6-4CAF-8D8A-43A2E68D1C5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4540051A-52DA-43D7-B0F4-C0EED00209FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"801E1382-88D5-4526-A301-31400A490FD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45706C36-AB39-46A8-9E60-CB4D41ABD3E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.3:agee_common_criteria_build:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F192110-9E33-42EF-9BBF-C94A034DE5D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_access_gateway_firmware:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53D2B7EB-9044-41BD-BF6B-4D31D71F9384\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_access_gateway_firmware:10.0.74.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"161CFE7D-57CE-4D44-98CF-2E3631AEDD2B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:citrix:netscaler_access_gateway:-:-:enterprise:*:*:*:*:*\",\"matchCriteriaId\":\"4D5D5DFC-F456-4085-BE20-13BD38301B04\"}]}]}],\"references\":[{\"url\":\"http://support.citrix.com/article/ctx137238\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/521612\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://support.citrix.com/article/ctx137238\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/521612\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]}]}}"
  }
}

VAR-201304-0403

Vulnerability from variot - Updated: 2023-12-18 13:20

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201304-0403",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "netscaler access gateway",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "citrix",
        "version": "9.1"
      },
      {
        "model": "netscaler access gateway",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "citrix",
        "version": "10.0.74.4"
      },
      {
        "model": "netscaler access gateway",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "citrix",
        "version": "9.3"
      },
      {
        "model": "netscaler access gateway",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "citrix",
        "version": "9.2"
      },
      {
        "model": "netscaler access gateway",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "citrix",
        "version": "10.0"
      },
      {
        "model": "netscaler access gateway",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "citrix",
        "version": "9.3.61.5"
      },
      {
        "model": "netscaler access gateway",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "citrix",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "citrix",
        "version": null
      },
      {
        "model": "netscaler gateway",
        "scope": null,
        "trust": 0.8,
        "vendor": "citrix",
        "version": null
      },
      {
        "model": "netscaler gateway",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "citrix",
        "version": "version 10.0.74.4   10.0 system"
      },
      {
        "model": "netscaler gateway",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "citrix",
        "version": "version 9.3.61.5"
      },
      {
        "model": "netscaler access gateway enterprise",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "citrix",
        "version": "9.3.61.5"
      },
      {
        "model": "netscaler access gateway",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "citrix",
        "version": "9.3.61.5"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#521612"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-04456"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002478"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2767"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-547"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:10.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:10.0.74.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "9.3.61.5",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.3:agee_common_criteria_build:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:citrix:netscaler_access_gateway:-:-:enterprise:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-2767"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "HyeongKwan Lee of SK",
    "sources": [
      {
        "db": "BID",
        "id": "59491"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2013-2767",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "availabilityRequirement": "NOT DEFINED",
            "baseScore": 5.4,
            "collateralDamagePotential": "LOW-MEDIUM",
            "confidentialityImpact": "COMPLETE",
            "confidentialityRequirement": "NOT DEFINED",
            "enviromentalScore": 4.5,
            "exploitability": "PROOF-OF-CONCEPT",
            "exploitabilityScore": 4.9,
            "id": "CVE-2013-2767",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "integrityRequirement": "NOT DEFINED",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "remediationLevel": "OFFICIAL FIX",
            "reportConfidence": "CONFIRMED",
            "severity": "MEDIUM",
            "targetDistribution": "MEDIUM",
            "trust": 0.8,
            "userInterationRequired": null,
            "vector_string": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.4,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2013-2767",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "id": "CNVD-2013-04456",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "id": "VHN-62769",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:H/AU:N/C:C/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2013-2767",
            "trust": 2.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-04456",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201304-547",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-62769",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#521612"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-04456"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62769"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002478"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2767"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-547"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors. This may aid in further attacks",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-2767"
      },
      {
        "db": "CERT/CC",
        "id": "VU#521612"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002478"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-04456"
      },
      {
        "db": "BID",
        "id": "59491"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62769"
      }
    ],
    "trust": 3.24
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-2767",
        "trust": 4.2
      },
      {
        "db": "CERT/CC",
        "id": "VU#521612",
        "trust": 4.2
      },
      {
        "db": "BID",
        "id": "59491",
        "trust": 1.0
      },
      {
        "db": "JVN",
        "id": "JVNVU95943552",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002478",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-04456",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-547",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-62769",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#521612"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-04456"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62769"
      },
      {
        "db": "BID",
        "id": "59491"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002478"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2767"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-547"
      }
    ]
  },
  "id": "VAR-201304-0403",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04456"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62769"
      }
    ],
    "trust": 1.7
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04456"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:20:07.062000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Vulnerability in Citrix NetScaler Access Gateway Enterprise Edition Could Result in Unauthorized Access to Network Resources (CTX137238)",
        "trust": 0.8,
        "url": "http://support.citrix.com/article/ctx137238"
      },
      {
        "title": "NetScaler ADC - Firmware",
        "trust": 0.8,
        "url": "https://www.citrix.com/downloads/netscaler-adc/firmware.html"
      },
      {
        "title": "Citrix NetScaler and Access Gateway are not authorized to access vulnerable patches",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/33692"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04456"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002478"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-2767"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.6,
        "url": "http://support.citrix.com/article/ctx137238"
      },
      {
        "trust": 3.4,
        "url": "http://www.kb.cert.org/vuls/id/521612"
      },
      {
        "trust": 0.8,
        "url": "https://www.citrix.com/downloads/netscaler-adc/firmware.html"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2767"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu95943552/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2767"
      },
      {
        "trust": 0.3,
        "url": "http://www.citrix.com"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#521612"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-04456"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62769"
      },
      {
        "db": "BID",
        "id": "59491"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002478"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2767"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-547"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#521612"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-04456"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62769"
      },
      {
        "db": "BID",
        "id": "59491"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002478"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2767"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-547"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-04-25T00:00:00",
        "db": "CERT/CC",
        "id": "VU#521612"
      },
      {
        "date": "2013-04-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-04456"
      },
      {
        "date": "2013-04-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-62769"
      },
      {
        "date": "2013-04-25T00:00:00",
        "db": "BID",
        "id": "59491"
      },
      {
        "date": "2013-04-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-002478"
      },
      {
        "date": "2013-04-25T20:55:10.003000",
        "db": "NVD",
        "id": "CVE-2013-2767"
      },
      {
        "date": "2013-04-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201304-547"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-04-25T00:00:00",
        "db": "CERT/CC",
        "id": "VU#521612"
      },
      {
        "date": "2013-05-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-04456"
      },
      {
        "date": "2013-05-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-62769"
      },
      {
        "date": "2013-04-25T00:00:00",
        "db": "BID",
        "id": "59491"
      },
      {
        "date": "2013-04-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-002478"
      },
      {
        "date": "2013-05-02T04:00:00",
        "db": "NVD",
        "id": "CVE-2013-2767"
      },
      {
        "date": "2013-04-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201304-547"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-547"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Citrix NetScaler and Access Gateway Enterprise Edition unauthorized access to network resources vulnerability",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#521612"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Design Error",
    "sources": [
      {
        "db": "BID",
        "id": "59491"
      }
    ],
    "trust": 0.3
  }
}

FKIE_CVE-2013-2767

Vulnerability from fkie_nvd - Published: 2013-04-25 20:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://support.citrix.com/article/ctx137238	Vendor Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/521612	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://support.citrix.com/article/ctx137238	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/521612	US Government Resource

Impacted products

Vendor	Product	Version
citrix	netscaler_access_gateway_firmware	*
citrix	netscaler_access_gateway_firmware	9.1
citrix	netscaler_access_gateway_firmware	9.2
citrix	netscaler_access_gateway_firmware	9.3
citrix	netscaler_access_gateway_firmware	9.3
citrix	netscaler_access_gateway_firmware	10.0
citrix	netscaler_access_gateway_firmware	10.0.74.4
citrix	netscaler_access_gateway	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D951535-13E6-4CAF-8D8A-43A2E68D1C5A",
              "versionEndIncluding": "9.3.61.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4540051A-52DA-43D7-B0F4-C0EED00209FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "801E1382-88D5-4526-A301-31400A490FD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "45706C36-AB39-46A8-9E60-CB4D41ABD3E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.3:agee_common_criteria_build:*:*:*:*:*:*",
              "matchCriteriaId": "4F192110-9E33-42EF-9BBF-C94A034DE5D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53D2B7EB-9044-41BD-BF6B-4D31D71F9384",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:10.0.74.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "161CFE7D-57CE-4D44-98CF-2E3631AEDD2B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:citrix:netscaler_access_gateway:-:-:enterprise:*:*:*:*:*",
              "matchCriteriaId": "4D5D5DFC-F456-4085-BE20-13BD38301B04",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en Citrix NetScaler Access Gateway Enterprise Edition (AGEE)  antes de v9.3.62.4 y v10.x hasta v10.0.74.4 y NetScaler AGEE Common Criteria antes de v9.3.53.6, permite a atacantes remotos evitar las restricciones de acceso a la intranet destinados a trav\u00e9s de vectores desconocidos."
    }
  ],
  "id": "CVE-2013-2767",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-04-25T20:55:10.003",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.citrix.com/article/ctx137238"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/521612"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.citrix.com/article/ctx137238"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/521612"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTA-2013-AVI-276

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans Citrix NetScaler Access Gateway Enterprise Edition. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Citrix	NetScaler	Firmware version 9.3.61.5 et antérieures (sauf 9.3.53.6)
	Citrix	NetScaler	Firmware version 10.0.74.4 et antérieures (pour la branche 10.0)

References

Title

Publication Time

Tags

Bulletin de sécurité Citrix CTX137238 du 25 avril 2013

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Firmware version 9.3.61.5 et ant\u00e9rieures (sauf 9.3.53.6)",
      "product": {
        "name": "NetScaler",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Firmware version 10.0.74.4 et ant\u00e9rieures (pour la branche 10.0)",
      "product": {
        "name": "NetScaler",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2013-2767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2767"
    }
  ],
  "links": [],
  "reference": "CERTA-2013-AVI-276",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-04-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eCitrix\nNetScaler Access Gateway Enterprise Edition\u003c/span\u003e. Elle permet \u00e0 un\nattaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Citrix NetScaler Access Gateway Enterprise Edition",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX137238 du 25 avril 2013",
      "url": "http://support.citrix.com/article/CTX137238"
    }
  ]
}

CERTA-2013-AVI-276

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans Citrix NetScaler Access Gateway Enterprise Edition. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Citrix	NetScaler	Firmware version 9.3.61.5 et antérieures (sauf 9.3.53.6)
	Citrix	NetScaler	Firmware version 10.0.74.4 et antérieures (pour la branche 10.0)

References

Title

Publication Time

Tags

Bulletin de sécurité Citrix CTX137238 du 25 avril 2013

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Firmware version 9.3.61.5 et ant\u00e9rieures (sauf 9.3.53.6)",
      "product": {
        "name": "NetScaler",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Firmware version 10.0.74.4 et ant\u00e9rieures (pour la branche 10.0)",
      "product": {
        "name": "NetScaler",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2013-2767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2767"
    }
  ],
  "links": [],
  "reference": "CERTA-2013-AVI-276",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-04-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eCitrix\nNetScaler Access Gateway Enterprise Edition\u003c/span\u003e. Elle permet \u00e0 un\nattaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Citrix NetScaler Access Gateway Enterprise Edition",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX137238 du 25 avril 2013",
      "url": "http://support.citrix.com/article/CTX137238"
    }
  ]
}

GSD-2013-2767

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2013-2767

Aliases

CVE-2013-2767

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-2767",
    "description": "Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors.",
    "id": "GSD-2013-2767"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-2767"
      ],
      "details": "Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors.",
      "id": "GSD-2013-2767",
      "modified": "2023-12-13T01:22:17.644312Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2013-2767",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://support.citrix.com/article/ctx137238",
            "refsource": "CONFIRM",
            "url": "http://support.citrix.com/article/ctx137238"
          },
          {
            "name": "VU#521612",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/521612"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:10.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:10.0.74.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "9.3.61.5",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.3:agee_common_criteria_build:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:citrix:netscaler_access_gateway:-:-:enterprise:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-2767"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.citrix.com/article/ctx137238",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.citrix.com/article/ctx137238"
            },
            {
              "name": "VU#521612",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/521612"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-05-02T04:00Z",
      "publishedDate": "2013-04-25T20:55Z"
    }
  }
}

GHSA-MC4X-GXCV-8HGV

Vulnerability from github – Published: 2022-05-17 05:10 – Updated: 2022-05-17 05:10

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-2767"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-04-25T20:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors.",
  "id": "GHSA-mc4x-gxcv-8hgv",
  "modified": "2022-05-17T05:10:46Z",
  "published": "2022-05-17T05:10:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2767"
    },
    {
      "type": "WEB",
      "url": "http://support.citrix.com/article/ctx137238"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/521612"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-2767 (GCVE-0-2013-2767)

VAR-201304-0403

FKIE_CVE-2013-2767

CERTA-2013-AVI-276

Solution

CERTA-2013-AVI-276

Solution

GSD-2013-2767

GHSA-MC4X-GXCV-8HGV

Tags

Sightings

Nomenclature