PT-2015-7315 · Citrix · Netscaler Gateway+1
Publicado
2015-09-17
·
Atualizado
2016-12-22
·
CVE-2015-6672
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway versions prior to 10.1 Build 132.8
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway versions 10.5 prior to Build 57.7
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway versions 10.5e prior to Build 56.1505.e
Description
A cross-site scripting (XSS) issue exists in the Administrative Web Interface of the affected products, allowing remote attackers to inject arbitrary web script or HTML. This can be achieved via unspecified vectors.
Recommendations
For versions prior to 10.1 Build 132.8, update to Build 132.8 or later.
For versions 10.5 prior to Build 57.7, update to Build 57.7 or later.
For versions 10.5e prior to Build 56.1505.e, update to Build 56.1505.e or later.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Citrix Netscaler Application Delivery Controller
Netscaler Gateway