Lucene search

[email protected]CVE-2014-1899

HistoryMay 02, 2014 - 2:55 p.m.

CVE-2014-1899

2014-05-0214:55:05

CWE-79

[email protected]

web.nvd.nist.gov

cve-2014-1899

cross-site scripting

xss

citrix

netscaler gateway

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.0%

JSON

Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x before 9.3.66.5 and 10.x before 10.1.123.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

citrixnetscaler_access_gateway_firmwareMatch9.3

citrixnetscaler_access_gateway_firmwareMatch9.3.61.5

citrixnetscaler_access_gateway_firmwareMatch9.3.62.4

citrixnetscaler_access_gateway_firmwareMatch10.0

citrixnetscaler_access_gateway_firmwareMatch10.0.74.4

citrixnetscaler_access_gateway_firmwareMatch10.1

AND

citrixnetscaler_access_gatewayMatch--enterprise

CPENameOperatorVersion
citrix:netscaler_access_gateway_firmwarecitrix netscaler access gateway firmwareeq9.3
citrix:netscaler_access_gateway_firmwarecitrix netscaler access gateway firmwareeq9.3.61.5
citrix:netscaler_access_gateway_firmwarecitrix netscaler access gateway firmwareeq9.3.62.4
citrix:netscaler_access_gateway_firmwarecitrix netscaler access gateway firmwareeq10.0
citrix:netscaler_access_gateway_firmwarecitrix netscaler access gateway firmwareeq10.0.74.4
citrix:netscaler_access_gateway_firmwarecitrix netscaler access gateway firmwareeq10.1
citrix:netscaler_access_gatewaycitrix netscaler access gatewayeq-

CPE	Name	Operator	Version
citrix:netscaler_access_gateway_firmware	citrix netscaler access gateway firmware	eq	9.3
citrix:netscaler_access_gateway_firmware	citrix netscaler access gateway firmware	eq	9.3.61.5
citrix:netscaler_access_gateway_firmware	citrix netscaler access gateway firmware	eq	9.3.62.4
citrix:netscaler_access_gateway_firmware	citrix netscaler access gateway firmware	eq	10.0
citrix:netscaler_access_gateway_firmware	citrix netscaler access gateway firmware	eq	10.0.74.4
citrix:netscaler_access_gateway_firmware	citrix netscaler access gateway firmware	eq	10.1
citrix:netscaler_access_gateway	citrix netscaler access gateway	eq	-

References

www.securityfocus.com/bid/67177

www.securitytracker.com/id/1030186

support.citrix.com/article/CTX140291

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.0%

JSON

Related for CVE-2014-1899

nessus1 cvelist1 prion1 nvd1