var-201304-0403
Vulnerability from variot
Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201304-0403",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netscaler access gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "citrix",
"version": "9.1"
},
{
"model": "netscaler access gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "citrix",
"version": "10.0.74.4"
},
{
"model": "netscaler access gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "citrix",
"version": "9.3"
},
{
"model": "netscaler access gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "citrix",
"version": "9.2"
},
{
"model": "netscaler access gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "citrix",
"version": "10.0"
},
{
"model": "netscaler access gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "citrix",
"version": "9.3.61.5"
},
{
"model": "netscaler access gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "citrix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "citrix",
"version": null
},
{
"model": "netscaler gateway",
"scope": null,
"trust": 0.8,
"vendor": "citrix",
"version": null
},
{
"model": "netscaler gateway",
"scope": "lte",
"trust": 0.8,
"vendor": "citrix",
"version": "version 10.0.74.4 10.0 system"
},
{
"model": "netscaler gateway",
"scope": "lte",
"trust": 0.8,
"vendor": "citrix",
"version": "version 9.3.61.5"
},
{
"model": "netscaler access gateway enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "citrix",
"version": "9.3.61.5"
},
{
"model": "netscaler access gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "citrix",
"version": "9.3.61.5"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#521612"
},
{
"db": "CNVD",
"id": "CNVD-2013-04456"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002478"
},
{
"db": "NVD",
"id": "CVE-2013-2767"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-547"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:10.0.74.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.3.61.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:netscaler_access_gateway_firmware:9.3:agee_common_criteria_build:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:citrix:netscaler_access_gateway:-:-:enterprise:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2767"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HyeongKwan Lee of SK",
"sources": [
{
"db": "BID",
"id": "59491"
}
],
"trust": 0.3
},
"cve": "CVE-2013-2767",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 5.4,
"collateralDamagePotential": "LOW-MEDIUM",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 4.5,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 4.9,
"id": "CVE-2013-2767",
"impactScore": 6.9,
"integrityImpact": "NONE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "MEDIUM",
"targetDistribution": "MEDIUM",
"trust": 0.8,
"userInterationRequired": null,
"vector_string": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.4,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-2767",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2013-04456",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "VHN-62769",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-2767",
"trust": 2.6,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-04456",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201304-547",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-62769",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#521612"
},
{
"db": "CNVD",
"id": "CNVD-2013-04456"
},
{
"db": "VULHUB",
"id": "VHN-62769"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002478"
},
{
"db": "NVD",
"id": "CVE-2013-2767"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-547"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2767"
},
{
"db": "CERT/CC",
"id": "VU#521612"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002478"
},
{
"db": "CNVD",
"id": "CNVD-2013-04456"
},
{
"db": "BID",
"id": "59491"
},
{
"db": "VULHUB",
"id": "VHN-62769"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-2767",
"trust": 4.2
},
{
"db": "CERT/CC",
"id": "VU#521612",
"trust": 4.2
},
{
"db": "BID",
"id": "59491",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVNVU95943552",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002478",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2013-04456",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201304-547",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-62769",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#521612"
},
{
"db": "CNVD",
"id": "CNVD-2013-04456"
},
{
"db": "VULHUB",
"id": "VHN-62769"
},
{
"db": "BID",
"id": "59491"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002478"
},
{
"db": "NVD",
"id": "CVE-2013-2767"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-547"
}
]
},
"id": "VAR-201304-0403",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04456"
},
{
"db": "VULHUB",
"id": "VHN-62769"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04456"
}
]
},
"last_update_date": "2023-12-18T13:20:07.062000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Vulnerability in Citrix NetScaler Access Gateway Enterprise Edition Could Result in Unauthorized Access to Network Resources (CTX137238)",
"trust": 0.8,
"url": "http://support.citrix.com/article/ctx137238"
},
{
"title": "NetScaler ADC - Firmware",
"trust": 0.8,
"url": "https://www.citrix.com/downloads/netscaler-adc/firmware.html"
},
{
"title": "Citrix NetScaler and Access Gateway are not authorized to access vulnerable patches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33692"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04456"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002478"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2767"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "http://support.citrix.com/article/ctx137238"
},
{
"trust": 3.4,
"url": "http://www.kb.cert.org/vuls/id/521612"
},
{
"trust": 0.8,
"url": "https://www.citrix.com/downloads/netscaler-adc/firmware.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2767"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu95943552/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2767"
},
{
"trust": 0.3,
"url": "http://www.citrix.com"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#521612"
},
{
"db": "CNVD",
"id": "CNVD-2013-04456"
},
{
"db": "VULHUB",
"id": "VHN-62769"
},
{
"db": "BID",
"id": "59491"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002478"
},
{
"db": "NVD",
"id": "CVE-2013-2767"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-547"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#521612"
},
{
"db": "CNVD",
"id": "CNVD-2013-04456"
},
{
"db": "VULHUB",
"id": "VHN-62769"
},
{
"db": "BID",
"id": "59491"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002478"
},
{
"db": "NVD",
"id": "CVE-2013-2767"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-547"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-25T00:00:00",
"db": "CERT/CC",
"id": "VU#521612"
},
{
"date": "2013-04-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-04456"
},
{
"date": "2013-04-25T00:00:00",
"db": "VULHUB",
"id": "VHN-62769"
},
{
"date": "2013-04-25T00:00:00",
"db": "BID",
"id": "59491"
},
{
"date": "2013-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002478"
},
{
"date": "2013-04-25T20:55:10.003000",
"db": "NVD",
"id": "CVE-2013-2767"
},
{
"date": "2013-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-547"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-25T00:00:00",
"db": "CERT/CC",
"id": "VU#521612"
},
{
"date": "2013-05-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-04456"
},
{
"date": "2013-05-02T00:00:00",
"db": "VULHUB",
"id": "VHN-62769"
},
{
"date": "2013-04-25T00:00:00",
"db": "BID",
"id": "59491"
},
{
"date": "2013-04-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002478"
},
{
"date": "2013-05-02T04:00:00",
"db": "NVD",
"id": "CVE-2013-2767"
},
{
"date": "2013-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-547"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-547"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Citrix NetScaler and Access Gateway Enterprise Edition unauthorized access to network resources vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#521612"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "59491"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.