PT-2007-7082 · Citrix · Citrix Netscaler

Nnposter

Published

2007-11-30

Updated

2018-10-15

CVE-2007-6192

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Citrix NetScaler version 8.0 build 47.8

Description The web management interface uses weak encryption to store credentials within a cookie, making it easier for remote attackers to obtain cleartext credentials when a cookie is captured via a known-plaintext attack.

Recommendations For Citrix NetScaler version 8.0 build 47.8, consider disabling the use of cookies for credential storage until a patch is available. Restrict access to the web management interface to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-310

Related Identifiers

CVE-2007-6192

Affected Products

Citrix Netscaler

PT-2007-7082 · Citrix · Citrix Netscaler

CVE-2007-6192

Weakness Enumeration

Related Identifiers

Affected Products

References · 6