CRITICAL🇵🇱 Wersja polska

CVE-2019-18225

CVSS 9.8v3.1pub. 2019-10-21upd. 2024-11-21

An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9, 12.0 before build 62.10, 12.1 before build 54.16, and 13.0 before build 41.28. An attacker with management-interface access can bypass authentication to obtain appliance administrative access. These products formerly used the NetScaler brand name.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Citrix Application Delivery Controller

    HW
    Citrix
    wszystkie wersje
  • Citrix Application Delivery Controller Firmware

    OS
    Citrix
    10.511.112.012.113.0
  • Citrix Gateway

    HW
    Citrix
    wszystkie wersje
  • Citrix Gateway Firmware

    OS
    Citrix
    13.0
  • Citrix Netscaler Gateway

    HW
    Citrix
    wszystkie wersje
  • Citrix Netscaler Gateway Firmware

    OS
    Citrix
    10.511.112.012.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2026-3055CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Citrix NetScaler ADC/Gateway — memory overread przez SAML IDP

CVE-2025-7775CRITICAL9.2⚠ KEVPL ✓ten sam produkt

Przepełnienie pamięci w Citrix NetScaler ADC i Gateway — RCE/DoS

CVE-2025-6543CRITICAL9.2⚠ KEVPL ✓ten sam produkt

Przepełnienie pamięci w Citrix NetScaler ADC i Gateway – RCE/DoS przez VPN

CVE-2025-5777CRITICAL9.3⚠ KEVPL ✓ten sam produkt

CitrixBleed 2 — memory overread w Citrix NetScaler ADC i Gateway

CVE-2023-4966CRITICAL9.4⚠ KEVten sam produkt

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virt...

CVE-2019-18225 — Citrix — Application Delivery Controller — CRITICAL — CVSS 9.8 | CVEbaza.pl