cvelistv5 - cve-2018-6808

CVE-2018-6808 (GCVE-0-2018-6808)

Vulnerability from cvelistv5 – Published: 2018-03-06 20:00 – Updated: 2024-08-05 06:10

Summary

NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://support.citrix.com/article/CTX232161	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1040440	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:10:11.369Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX232161"
          },
          {
            "name": "1040440",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040440"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-03-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-06T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX232161"
        },
        {
          "name": "1040440",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040440"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-6808",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.citrix.com/article/CTX232161",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX232161"
            },
            {
              "name": "1040440",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040440"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-6808",
    "datePublished": "2018-03-06T20:00:00",
    "dateReserved": "2018-02-07T00:00:00",
    "dateUpdated": "2024-08-05T06:10:11.369Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8C7525B-2A2D-43AF-8DA0-11FF28322337\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB678AF5-12B4-41D0-A381-46EE277313B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"123D42E1-3CDD-4D46-82F6-8982DE716F7E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FFCE3458-6750-4773-BA18-CAA67A6093D4\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:citrix:netscaler_application_delivery_controller:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81FD5100-3ADB-4C21-BCE5-CDA7C4C1D8B9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E0FA8E2-3E8F-481E-8C39-FB00A9739DFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:citrix:netscaler_gateway_firmware:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2C6F82C-9969-4A6E-88C8-AB8BB0AAD3C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:citrix:netscaler_gateway_firmware:11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5D73B9A-59AA-4A38-AEAF-7EAB0965CD7E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:citrix:netscaler_gateway_firmware:12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9F3ED0E-7F3D-477B-B645-77DA5FC7F502\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:citrix:netscaler_gateway:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEBB9B6A-1CAD-4D82-9B1E-939921986053\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system.\"}, {\"lang\": \"es\", \"value\": \"NetScaler ADC 10.5, 11.0, 11.1 y 12.0 y NetScaler Gateway 10.5, 11.0, 11.1 y12.0 permiten que atacantes remotos descarguen archivos arbitrarios en el sistema objetivo.\"}]",
      "id": "CVE-2018-6808",
      "lastModified": "2024-11-21T04:11:13.900",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-03-06T20:29:01.063",
      "references": "[{\"url\": \"http://www.securitytracker.com/id/1040440\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.citrix.com/article/CTX232161\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1040440\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.citrix.com/article/CTX232161\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-6808\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-03-06T20:29:01.063\",\"lastModified\":\"2024-11-21T04:11:13.900\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system.\"},{\"lang\":\"es\",\"value\":\"NetScaler ADC 10.5, 11.0, 11.1 y 12.0 y NetScaler Gateway 10.5, 11.0, 11.1 y12.0 permiten que atacantes remotos descarguen archivos arbitrarios en el sistema objetivo.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8C7525B-2A2D-43AF-8DA0-11FF28322337\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB678AF5-12B4-41D0-A381-46EE277313B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"123D42E1-3CDD-4D46-82F6-8982DE716F7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFCE3458-6750-4773-BA18-CAA67A6093D4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:citrix:netscaler_application_delivery_controller:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81FD5100-3ADB-4C21-BCE5-CDA7C4C1D8B9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E0FA8E2-3E8F-481E-8C39-FB00A9739DFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_gateway_firmware:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2C6F82C-9969-4A6E-88C8-AB8BB0AAD3C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_gateway_firmware:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5D73B9A-59AA-4A38-AEAF-7EAB0965CD7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:citrix:netscaler_gateway_firmware:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9F3ED0E-7F3D-477B-B645-77DA5FC7F502\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:citrix:netscaler_gateway:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEBB9B6A-1CAD-4D82-9B1E-939921986053\"}]}]}],\"references\":[{\"url\":\"http://www.securitytracker.com/id/1040440\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.citrix.com/article/CTX232161\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1040440\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.citrix.com/article/CTX232161\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

GSD-2018-6808

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system.

Aliases

CVE-2018-6808

Aliases

CVE-2018-6808

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-6808",
    "description": "NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system.",
    "id": "GSD-2018-6808"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-6808"
      ],
      "details": "NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system.",
      "id": "GSD-2018-6808",
      "modified": "2023-12-13T01:22:35.476665Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2018-6808",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://support.citrix.com/article/CTX232161",
            "refsource": "CONFIRM",
            "url": "https://support.citrix.com/article/CTX232161"
          },
          {
            "name": "1040440",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1040440"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:11.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:12.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:11.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:citrix:netscaler_application_delivery_controller:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:11.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:11.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:12.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:citrix:netscaler_gateway:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-6808"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.citrix.com/article/CTX232161",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.citrix.com/article/CTX232161"
            },
            {
              "name": "1040440",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1040440"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2018-03-26T16:13Z",
      "publishedDate": "2018-03-06T20:29Z"
    }
  }
}

CERTFR-2018-AVI-106

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Citrix NetScaler Application Delivery Controller (ADC) et NetScaler Gateway. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Citrix	NetScaler Gateway	Citrix NetScaler ADC et NetScaler Gateway versions antérieures à 11.1 Build 56.15
Citrix	NetScaler Gateway	Citrix NetScaler ADC et NetScaler Gateway versions antérieures à 11.0 Build 71.18
Citrix	NetScaler Gateway	Citrix NetScaler ADC et NetScaler Gateway versions antérieures à 10.5 Build 67.10
Citrix	NetScaler Gateway	Citrix NetScaler ADC et NetScaler Gateway versions antérieures à 12.0 Build 57.19

References

Title

Publication Time

Tags

Bulletin de sécurité Citrix CTX232199 du 28 février 2018	None	vendor-advisory
Bulletin de sécurité Citrix CTX232161 du 1 mars 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Citrix NetScaler ADC et NetScaler Gateway versions ant\u00e9rieures \u00e0 11.1 Build 56.15",
      "product": {
        "name": "NetScaler Gateway",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Citrix NetScaler ADC et NetScaler Gateway versions ant\u00e9rieures \u00e0 11.0 Build 71.18",
      "product": {
        "name": "NetScaler Gateway",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Citrix NetScaler ADC et NetScaler Gateway versions ant\u00e9rieures \u00e0 10.5 Build 67.10",
      "product": {
        "name": "NetScaler Gateway",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Citrix NetScaler ADC et NetScaler Gateway versions ant\u00e9rieures \u00e0 12.0 Build 57.19",
      "product": {
        "name": "NetScaler Gateway",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-6810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6810"
    },
    {
      "name": "CVE-2018-5314",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-5314"
    },
    {
      "name": "CVE-2018-6808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6808"
    },
    {
      "name": "CVE-2018-6809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6809"
    },
    {
      "name": "CVE-2018-6811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6811"
    },
    {
      "name": "CVE-2018-6186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6186"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-106",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-03-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Citrix NetScaler\nApplication Delivery Controller (ADC) et NetScaler Gateway. Certaines\nd\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es et une injection de code indirecte \u00e0 distance (XSS).\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Citrix NetScaler Application Delivery Controller (ADC) et NetScaler Gateway",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX232199 du 28 f\u00e9vrier 2018",
      "url": "https://support.citrix.com/article/CTX232199"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX232161 du 1 mars 2018",
      "url": "https://support.citrix.com/article/CTX232161"
    }
  ]
}

CERTFR-2018-AVI-106

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Citrix	NetScaler Gateway	Citrix NetScaler ADC et NetScaler Gateway versions antérieures à 11.1 Build 56.15
Citrix	NetScaler Gateway	Citrix NetScaler ADC et NetScaler Gateway versions antérieures à 11.0 Build 71.18
Citrix	NetScaler Gateway	Citrix NetScaler ADC et NetScaler Gateway versions antérieures à 10.5 Build 67.10
Citrix	NetScaler Gateway	Citrix NetScaler ADC et NetScaler Gateway versions antérieures à 12.0 Build 57.19

References

Title

Publication Time

Tags

Bulletin de sécurité Citrix CTX232199 du 28 février 2018	None	vendor-advisory
Bulletin de sécurité Citrix CTX232161 du 1 mars 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Citrix NetScaler ADC et NetScaler Gateway versions ant\u00e9rieures \u00e0 11.1 Build 56.15",
      "product": {
        "name": "NetScaler Gateway",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Citrix NetScaler ADC et NetScaler Gateway versions ant\u00e9rieures \u00e0 11.0 Build 71.18",
      "product": {
        "name": "NetScaler Gateway",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Citrix NetScaler ADC et NetScaler Gateway versions ant\u00e9rieures \u00e0 10.5 Build 67.10",
      "product": {
        "name": "NetScaler Gateway",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Citrix NetScaler ADC et NetScaler Gateway versions ant\u00e9rieures \u00e0 12.0 Build 57.19",
      "product": {
        "name": "NetScaler Gateway",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-6810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6810"
    },
    {
      "name": "CVE-2018-5314",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-5314"
    },
    {
      "name": "CVE-2018-6808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6808"
    },
    {
      "name": "CVE-2018-6809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6809"
    },
    {
      "name": "CVE-2018-6811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6811"
    },
    {
      "name": "CVE-2018-6186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6186"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-106",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-03-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Citrix NetScaler\nApplication Delivery Controller (ADC) et NetScaler Gateway. Certaines\nd\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es et une injection de code indirecte \u00e0 distance (XSS).\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Citrix NetScaler Application Delivery Controller (ADC) et NetScaler Gateway",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX232199 du 28 f\u00e9vrier 2018",
      "url": "https://support.citrix.com/article/CTX232199"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX232161 du 1 mars 2018",
      "url": "https://support.citrix.com/article/CTX232161"
    }
  ]
}

VAR-201803-2100

Vulnerability from variot - Updated: 2023-12-18 12:36

NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system. Citrix NetScaler ADC and NetScaler Gateway Contains an information disclosure vulnerability.Information may be obtained. NetScaler ADC is a service and application delivery solution (application delivery controller); NetScaler Gateway is a secure remote access solution. The following products and versions are affected: Citrix NetScaler ADC Release 10.5, Release 11.0, Release 11.1, Release 12.0; NetScaler Gateway Release 10.5, Release 11.0, Release 11.1, Release 12.0

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201803-2100",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "netscaler application delivery controller",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "citrix",
        "version": "10.5"
      },
      {
        "model": "netscaler application delivery controller",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "citrix",
        "version": "11.0"
      },
      {
        "model": "netscaler application delivery controller",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "citrix",
        "version": "11.1"
      },
      {
        "model": "netscaler application delivery controller",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "citrix",
        "version": "12.0"
      },
      {
        "model": "netscaler gateway",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "citrix",
        "version": "10.5"
      },
      {
        "model": "netscaler gateway",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "citrix",
        "version": "11.0"
      },
      {
        "model": "netscaler gateway",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "citrix",
        "version": "11.1"
      },
      {
        "model": "netscaler gateway",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "citrix",
        "version": "12.0"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002542"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6808"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-148"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:11.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:12.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:11.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:citrix:netscaler_application_delivery_controller:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:11.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:11.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:12.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:citrix:netscaler_gateway:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-6808"
      }
    ]
  },
  "cve": "CVE-2018-6808",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.0,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2018-6808",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-136840",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2018-6808",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-6808",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201803-148",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-136840",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-6808",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-136840"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-6808"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002542"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6808"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-148"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system. Citrix NetScaler ADC and NetScaler Gateway Contains an information disclosure vulnerability.Information may be obtained. NetScaler ADC is a service and application delivery solution (application delivery controller); NetScaler Gateway is a secure remote access solution. The following products and versions are affected: Citrix NetScaler ADC Release 10.5, Release 11.0, Release 11.1, Release 12.0; NetScaler Gateway Release 10.5, Release 11.0, Release 11.1, Release 12.0",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-6808"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002542"
      },
      {
        "db": "VULHUB",
        "id": "VHN-136840"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-6808"
      }
    ],
    "trust": 1.8
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-6808",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1040440",
        "trust": 1.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002542",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-148",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-136840",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-6808",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-136840"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-6808"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002542"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6808"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-148"
      }
    ]
  },
  "id": "VAR-201803-2100",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-136840"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:36:53.765000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "CTX232161",
        "trust": 0.8,
        "url": "https://support.citrix.com/article/ctx232161"
      },
      {
        "title": "Citrix NetScaler Application Delivery Controller  and NetScaler Gateway Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=78922"
      },
      {
        "title": "Citrix Security Bulletins: Citrix NetScaler Application Delivery Controller and NetScaler Gateway Multiple Security Updates",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=cf8a157f0a34d7fb512f6c61c9c75a50"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-6808"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002542"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-148"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-136840"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002542"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6808"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "https://support.citrix.com/article/ctx232161"
      },
      {
        "trust": 1.8,
        "url": "http://www.securitytracker.com/id/1040440"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6808"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-6808"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/200.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-136840"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-6808"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002542"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6808"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-148"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-136840"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-6808"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002542"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6808"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-148"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-03-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-136840"
      },
      {
        "date": "2018-03-06T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-6808"
      },
      {
        "date": "2018-04-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-002542"
      },
      {
        "date": "2018-03-06T20:29:01.063000",
        "db": "NVD",
        "id": "CVE-2018-6808"
      },
      {
        "date": "2018-03-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201803-148"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-03-26T00:00:00",
        "db": "VULHUB",
        "id": "VHN-136840"
      },
      {
        "date": "2018-03-26T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-6808"
      },
      {
        "date": "2018-04-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-002542"
      },
      {
        "date": "2018-03-26T16:13:38.047000",
        "db": "NVD",
        "id": "CVE-2018-6808"
      },
      {
        "date": "2018-03-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201803-148"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-148"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Citrix NetScaler ADC and  NetScaler Gateway Vulnerable to information disclosure",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-002542"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201803-148"
      }
    ],
    "trust": 0.6
  }
}

GHSA-F34H-GJ99-J7GV

Vulnerability from github – Published: 2022-05-14 03:35 – Updated: 2022-05-14 03:35

Details

NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system.

Severity ?

7.5 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-6808"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-03-06T20:29:00Z",
    "severity": "HIGH"
  },
  "details": "NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system.",
  "id": "GHSA-f34h-gj99-j7gv",
  "modified": "2022-05-14T03:35:47Z",
  "published": "2022-05-14T03:35:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6808"
    },
    {
      "type": "WEB",
      "url": "https://support.citrix.com/article/CTX232161"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1040440"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2018-06560

Vulnerability from cnvd - Published: 2018-03-28

Title

Citrix NetScaler ADC和NetScaler Gateway任意文件下载漏洞

Description

Citrix NetScaler Application Delivery Controller（ADC）和NetScaler Gateway（前称Citrix Access Gateway Enterprise Edition）都是美国思杰系统（Citrix Systems）公司的产品。NetScaler ADC是一套服务和应用交付解决方案（应用交付控制器）；NetScaler Gateway是一套安全的远程接入解决方案。 Citrix NetScaler ADC和NetScaler Gateway中存在安全漏洞。远程攻击者可利用该漏洞下载任意文件。

Severity

中

Patch Name

Citrix NetScaler ADC和NetScaler Gateway任意文件下载漏洞的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://support.citrix.com/article/CTX232161

Reference

https://support.citrix.com/article/CTX232161

Impacted products

Name
['Citrix Systems NetScaler Gateway 10.5', 'Citrix Systems NetScaler Gateway 11.0', 'Citrix Systems NetScaler Gateway 11.1', 'Citrix Systems NetScaler Gateway 12.0', 'Citrix Systems Citrix NetScaler ADC 10.5', 'Citrix Systems Citrix NetScaler ADC 11.0', 'Citrix Systems Citrix NetScaler ADC 11.1', 'Citrix Systems Citrix NetScaler ADC 12.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-6808"
    }
  },
  "description": "Citrix NetScaler Application Delivery Controller\uff08ADC\uff09\u548cNetScaler Gateway\uff08\u524d\u79f0Citrix Access Gateway Enterprise Edition\uff09\u90fd\u662f\u7f8e\u56fd\u601d\u6770\u7cfb\u7edf\uff08Citrix Systems\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002NetScaler ADC\u662f\u4e00\u5957\u670d\u52a1\u548c\u5e94\u7528\u4ea4\u4ed8\u89e3\u51b3\u65b9\u6848\uff08\u5e94\u7528\u4ea4\u4ed8\u63a7\u5236\u5668\uff09\uff1bNetScaler Gateway\u662f\u4e00\u5957\u5b89\u5168\u7684\u8fdc\u7a0b\u63a5\u5165\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nCitrix NetScaler ADC\u548cNetScaler Gateway\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4e0b\u8f7d\u4efb\u610f\u6587\u4ef6\u3002",
  "discovererName": "Qualys Security Research Team (https://www.qualys.com)",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://support.citrix.com/article/CTX232161",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-06560",
  "openTime": "2018-03-28",
  "patchDescription": "Citrix NetScaler Application Delivery Controller\uff08ADC\uff09\u548cNetScaler Gateway\uff08\u524d\u79f0Citrix Access Gateway Enterprise Edition\uff09\u90fd\u662f\u7f8e\u56fd\u601d\u6770\u7cfb\u7edf\uff08Citrix Systems\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002NetScaler ADC\u662f\u4e00\u5957\u670d\u52a1\u548c\u5e94\u7528\u4ea4\u4ed8\u89e3\u51b3\u65b9\u6848\uff08\u5e94\u7528\u4ea4\u4ed8\u63a7\u5236\u5668\uff09\uff1bNetScaler Gateway\u662f\u4e00\u5957\u5b89\u5168\u7684\u8fdc\u7a0b\u63a5\u5165\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nCitrix NetScaler ADC\u548cNetScaler Gateway\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4e0b\u8f7d\u4efb\u610f\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Citrix NetScaler ADC\u548cNetScaler Gateway\u4efb\u610f\u6587\u4ef6\u4e0b\u8f7d\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Citrix Systems NetScaler Gateway 10.5",
      "Citrix Systems NetScaler Gateway 11.0",
      "Citrix Systems NetScaler Gateway 11.1",
      "Citrix Systems NetScaler Gateway 12.0",
      "Citrix Systems Citrix NetScaler ADC 10.5",
      "Citrix Systems Citrix NetScaler ADC 11.0",
      "Citrix Systems Citrix NetScaler ADC 11.1",
      "Citrix Systems Citrix NetScaler ADC 12.0"
    ]
  },
  "referenceLink": "https://support.citrix.com/article/CTX232161",
  "serverity": "\u4e2d",
  "submitTime": "2018-03-07",
  "title": "Citrix NetScaler ADC\u548cNetScaler Gateway\u4efb\u610f\u6587\u4ef6\u4e0b\u8f7d\u6f0f\u6d1e"
}

FKIE_CVE-2018-6808

Vulnerability from fkie_nvd - Published: 2018-03-06 20:29 - Updated: 2024-11-21 04:11

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system.

References

URL	Tags
cve@mitre.org	http://www.securitytracker.com/id/1040440	Third Party Advisory, VDB Entry
cve@mitre.org	https://support.citrix.com/article/CTX232161	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1040440	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.citrix.com/article/CTX232161	Vendor Advisory

Impacted products

Vendor	Product	Version
citrix	netscaler_application_delivery_controller_firmware	10.5
citrix	netscaler_application_delivery_controller_firmware	11.0
citrix	netscaler_application_delivery_controller_firmware	11.1
citrix	netscaler_application_delivery_controller_firmware	12.0
citrix	netscaler_application_delivery_controller	-
citrix	netscaler_gateway_firmware	10.5
citrix	netscaler_gateway_firmware	11.0
citrix	netscaler_gateway_firmware	11.1
citrix	netscaler_gateway_firmware	12.0
citrix	netscaler_gateway	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8C7525B-2A2D-43AF-8DA0-11FF28322337",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB678AF5-12B4-41D0-A381-46EE277313B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "123D42E1-3CDD-4D46-82F6-8982DE716F7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFCE3458-6750-4773-BA18-CAA67A6093D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:citrix:netscaler_application_delivery_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81FD5100-3ADB-4C21-BCE5-CDA7C4C1D8B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E0FA8E2-3E8F-481E-8C39-FB00A9739DFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2C6F82C-9969-4A6E-88C8-AB8BB0AAD3C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5D73B9A-59AA-4A38-AEAF-7EAB0965CD7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9F3ED0E-7F3D-477B-B645-77DA5FC7F502",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:citrix:netscaler_gateway:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEBB9B6A-1CAD-4D82-9B1E-939921986053",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system."
    },
    {
      "lang": "es",
      "value": "NetScaler ADC 10.5, 11.0, 11.1 y 12.0 y NetScaler Gateway 10.5, 11.0, 11.1 y12.0 permiten que atacantes remotos descarguen archivos arbitrarios en el sistema objetivo."
    }
  ],
  "id": "CVE-2018-6808",
  "lastModified": "2024-11-21T04:11:13.900",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-03-06T20:29:01.063",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040440"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.citrix.com/article/CTX232161"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040440"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.citrix.com/article/CTX232161"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-6808 (GCVE-0-2018-6808)

GSD-2018-6808

CERTFR-2018-AVI-106

Solution

CERTFR-2018-AVI-106

Solution

VAR-201803-2100

GHSA-F34H-GJ99-J7GV

CNVD-2018-06560

FKIE_CVE-2018-6808

Tags

Sightings

Nomenclature