CVE-2014-8580

Published Nov 7, 2014

Last updated 7 years ago

CVSS info 4.9

Overview

Description: Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified configurations, allows remote authenticated users to access "network resources" of other users via unknown vectors.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.9
Impact score: 4.9
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:P/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.120.1316.e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2CEF78D-8155-4C7C-A7BC-6AB2920FDE39"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.121:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4200E498-5730-446C-B17D-C73CD9DD23BE"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.122:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4920C74B-2C41-4074-B376-BC464B787973"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.123:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0790595-B322-4203-AE1A-0DF4AB2AAD8D"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.124:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF19EAF4-EB35-4668-9973-3F952B446395"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.125:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6698AF1B-AF32-475A-9018-1F70A98F5577"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.126:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E596AB3-2C82-4B5A-8613-F273DE9ADE79"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.127:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3121D097-0E4E-4664-BFFD-A19A1B32E060"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.128:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AEDF8DB-B375-4313-8239-9725BF754DFF"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.129:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E5E2D43-0DD4-436B-9D8D-857D906C7846"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5.50.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "610692FA-4E9C-4C2F-971B-212AEA88350C"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5.51.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2149C7C8-B9CB-46F6-A09A-D7318D5A7BB0"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.120.1316.e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "065F4DB8-29E4-485C-BA7E-53CBDEEEB2D9"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.121:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0A4789A-A774-46AE-A11D-D5209F0475E1"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.122:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F26ED266-19D1-47FE-89A0-FA738B220517"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.123:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4015CD17-11F7-4982-952C-EA2C9D1F31A8"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.124:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2161AD30-18C5-4DB2-BC80-66F7CED4F839"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.125:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC1319D8-D77C-47B1-A201-2279730EF0C6"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.126:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6506EBE-CDE6-40C2-B9AB-DB396B3C440B"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.127:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48944761-F3B4-448C-B665-F30C66F8B2C3"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.128:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB292BA1-7FF4-4C24-97F5-97C99DD8583F"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.129:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F502B60-1ED5-45E8-A3AF-9947912FCC45"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5.50.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "434B995D-BB1E-48FD-AB92-33E95EC75C1C"
          },
          {
            "criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5.51.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48B0E1CE-44E0-4A3E-85D1-F1391FDB3B5E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References