CVE-2014-2882

2014-05-0117:28:36

[email protected]

web.nvd.nist.gov

cve-2014-2882

citrix netscaler

adc

gateway

certificate validation

vulnerability

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

54.0%

JSON

Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation.

Affected configurations

NVD

Node

citrixnetscaler_access_gateway_firmwareRange≤10.1.e

citrixnetscaler_application_delivery_controller_firmwareRange≤9.3.e

AND

citrixnetscaler_access_gatewayMatch--enterprise

Node

citrixnetscaler_access_gateway_firmwareMatch9.3

citrixnetscaler_application_delivery_controller_firmwareMatch10.1

AND

citrixnetscaler_application_delivery_controllerMatch-

CPENameOperatorVersion
citrix:netscaler_access_gateway_firmwarecitrix netscaler access gateway firmwarele10.1.e
citrix:netscaler_application_delivery_controller_firmwarecitrix netscaler application delivery controller firmwarele9.3.e
citrix:netscaler_access_gatewaycitrix netscaler access gatewayeq-

CPE	Name	Operator	Version
citrix:netscaler_access_gateway_firmware	citrix netscaler access gateway firmware	le	10.1.e
citrix:netscaler_application_delivery_controller_firmware	citrix netscaler application delivery controller firmware	le	9.3.e
citrix:netscaler_access_gateway	citrix netscaler access gateway	eq	-