PT-2016-5000 · Citrix · Citrix Netscaler Gateway+1
Published
2016-02-17
·
Updated
2016-12-03
·
CVE-2016-2072
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway versions 11.x before 11.0 Build 64.34
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway versions 10.5 before 10.5 Build 59.13
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway versions 10.5.e before Build 59.1305.e
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway versions 10.1
Description
The issue allows remote attackers to conduct clickjacking attacks via unspecified vectors. This affects the Administrative Web Interface in the specified products.
Recommendations
For versions 11.x before 11.0 Build 64.34, update to 11.0 Build 64.34 or later.
For versions 10.5 before 10.5 Build 59.13, update to 10.5 Build 59.13 or later.
For versions 10.5.e before Build 59.1305.e, update to Build 59.1305.e or later.
For versions 10.1, update to a newer version that contains a fix for this issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Citrix Netscaler Application Delivery Controller
Citrix Netscaler Gateway