PT-2017-3004 · Citrix · Citrix Netscaler Gateway+1

Published: 2017-09-25 · Updated: 2019-10-03 · CVE-2017-14602

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Citrix NetScaler Application Delivery Controller versions 10.1 before build 135.18
Citrix NetScaler Application Delivery Controller versions 10.5 before build 66.9
Citrix NetScaler Application Delivery Controller versions 10.5e before build 60.7010.e
Citrix NetScaler Application Delivery Controller versions 11.0 before build 70.16
Citrix NetScaler Application Delivery Controller versions 11.1 before build 55.13
Citrix NetScaler Application Delivery Controller versions 12.0 before build 53.13, excluding build 41.24
Citrix NetScaler Gateway versions 10.1 before build 135.18
Citrix NetScaler Gateway versions 10.5 before build 66.9
Citrix NetScaler Gateway versions 10.5e before build 60.7010.e
Citrix NetScaler Gateway versions 11.0 before build 70.16
Citrix NetScaler Gateway versions 11.1 before build 55.13
Citrix NetScaler Gateway versions 12.0 before build 53.13, excluding build 41.24

Description

The issue is related to insufficient access restrictions in the management interface of Citrix NetScaler Application Delivery Controller and NetScaler Gateway, which could allow a remote attacker to gain administrative access to the device.

Recommendations

For Citrix NetScaler Application Delivery Controller version 10.1, update to build 135.18 or later.
For Citrix NetScaler Application Delivery Controller version 10.5, update to build 66.9 or later.
For Citrix NetScaler Application Delivery Controller version 10.5e, update to build 60.7010.e or later.
For Citrix NetScaler Application Delivery Controller version 11.0, update to build 70.16 or later.
For Citrix NetScaler Application Delivery Controller version 11.1, update to build 55.13 or later.
For Citrix NetScaler Application Delivery Controller version 12.0, update to build 53.13 or later, excluding build 41.24.
For Citrix NetScaler Gateway version 10.1, update to build 135.18 or later.
For Citrix NetScaler Gateway version 10.5, update to build 66.9 or later.
For Citrix NetScaler Gateway version 10.5e, update to build 60.7010.e or later.
For Citrix NetScaler Gateway version 11.0, update to build 70.16 or later.
For Citrix NetScaler Gateway version 11.1, update to build 55.13 or later.
For Citrix NetScaler Gateway version 12.0, update to build 53.13 or later, excluding build 41.24.

Fix

Improper Authentication

Weakness Enumeration

Related Identifiers

BDU:2017-02356
CVE-2017-14602

Affected Products

Citrix Netscaler Application Delivery Controller
Citrix Netscaler Gateway