Overview
- Description
- Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources
- Source
- secure@citrix.com
- NVD status
- Awaiting Analysis
Risk scores
CVSS 4.0
- Type
- Secondary
- Base score
- 5.8
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Weaknesses
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-552
Social media
- Hype score
- Not currently trending
On November 12, 2024, Cloud Software Group released builds to fix CVE-2024-8534 and CVE-2024-8535, which affect #NetScalerADC and #NetScalerGateway. For more information and details, read our blog: https://t.co/NWvmSqwy2T
@NetScaler
14 Nov 2024
231 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-8535 Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, … https://t.co/FUTpwN5gRS
@CVEnew
12 Nov 2024
220 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Citrix NetScaler ADCおよびNetScaler Gatewayにおける脆弱性 CVE-2024-8534 メモリの安全性に関する脆弱性であり、メモリ破損やDoSを引き起こす可能性 CVSS 8.4 CVE-2024-8535 認証済みのユーザーが意図しない操作権限を持つ可能性 CVSS 5.8 速やかなアップグレードを推奨します。 https://t.co/cehVqgXwz8
@t_nihonmatsu
12 Nov 2024
301 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2024-8534 and CVE-2024-8535 https://t.co/XfchQFkJzX
@autumn_good_35
12 Nov 2024
369 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Citrix addresses NetScaler Vulnerabilities CVE-2024-8534 and CVE-2024-8535 #NetScalerADC #Citrix #CVE-2024-8534 #CVE-2024-8535 https://t.co/3ooEjhqG9F
@pravin_karthik
12 Nov 2024
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Check out the latest article in my newsletter: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2024-8534 and CVE-2024-8535 https://t.co/31sUAXNeWC via @LinkedIn
@AndrewScott_8
12 Nov 2024
140 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes