threat
engine
.sh
Back
·
··:··
Home
/
Product
/
citrix application delivery controller firmware
Product
citrix application delivery controller firmware
30 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2019-18177
< 13.0-58.30
In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN
6.5
MEDIUM
CVE-2022-27518
>= 12.1 and < 12.1-65.25
Unauthenticated remote arbitrary code execution
9.8
CRITICAL
CVE-2022-27516
>= 12.1 and < 12.1-65.21
User login brute force protection functionality bypass
5.3
MEDIUM
CVE-2022-27513
>= 12.1 and < 12.1-65.21
Remote desktop takeover via phishing
8.3
HIGH
CVE-2022-27510
>= 12.1 and < 12.1-65.21
Unauthorized access to Gateway user capabilities
9.8
CRITICAL
CVE-2022-27509
>= 12.1 and < 12.1-65.15
Unauthenticated redirection to a malicious website
6.1
MEDIUM
CVE-2021-22956
< 11.1-65.23
An uncontrolled resource consumption vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 that could allow a
7.5
HIGH
CVE-2021-22955
<= 11.1-65.23
A unauthenticated denial of service vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 when configured as
7.5
HIGH
CVE-2021-22927
>= 11.1 and < 11.1-65.22
A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when configured SAML service provider that cou
8.1
HIGH
CVE-2021-22919
>= 11.1 and < 11.1-65.22
A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScale
7.5
HIGH
CVE-2020-8300
>= 11.1 and < 11.1-65.20
Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS before 12.1-55.238 suff
6.5
MEDIUM
CVE-2020-8299
>= 11.1 and < 11.1-65.20
Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, a
6.5
MEDIUM
CVE-2020-8247
>= 11.1 and < 11.1-65.12
Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIP
8.8
HIGH
CVE-2020-8246
>= 11.1 and < 11.1-65.12
Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIP
7.5
HIGH
CVE-2020-8245
>= 11.1 and < 11.1-65.12
Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12
6.1
MEDIUM
CVE-2020-8198
>= 10.5 and < 10.5-70.18
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5
6.1
MEDIUM
CVE-2020-8197
>= 10.5 and < 10.5-70.18
Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14
8.8
HIGH
CVE-2020-8196
>= 10.5 and < 10.5-70.18
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-7
4.3
MEDIUM
CVE-2020-8195
>= 10.5 and < 10.5-70.18
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5
6.5
MEDIUM
CVE-2020-8194
>= 10.5 and < 10.5-70.18
Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-
6.5
MEDIUM
CVE-2020-8193
>= 10.5 and < 10.5-70.18
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-7
6.5
MEDIUM
CVE-2020-8191
>= 10.5 and < 10.5-70.18
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5
6.1
MEDIUM
CVE-2020-8190
>= 10.5 and < 10.5-70.18
Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.
7.5
HIGH
CVE-2020-8187
>= 11.1 and < 11.1-63.9
Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users t
7.5
HIGH
CVE-2019-19781
all versions
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow D
9.8
CRITICAL
CVE-2019-18225
all versions
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build
9.8
CRITICAL
CVE-2018-7218
all versions
The AppFirewall functionality in Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5 before Build 68.7, 11
9.8
CRITICAL
CVE-2017-17549
all versions
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.
5.9
MEDIUM
CVE-2017-17382
all versions
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.
5.9
MEDIUM
CVE-2017-14602
all versions
A vulnerability has been identified in the management interface of Citrix NetScaler Application Delivery Controller (ADC) and NetS
7.2
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin