Filtered by vendor Citrix Subscriptions
Filtered by product Mpx\/sdx 14080 Fips Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-8300 1 Citrix 16 Application Delivery Controller, Application Delivery Controller Firmware, Gateway and 13 more 2022-09-20 6.5 Medium
Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS before 12.1-55.238 suffer from improper access control allowing SAML authentication hijack through a phishing attack to steal a valid user session. Note that Citrix ADC or Citrix Gateway must be configured as a SAML SP or a SAML IdP for this to be possible.
CVE-2021-22927 1 Citrix 16 Application Delivery Controller, Application Delivery Controller Firmware, Gateway and 13 more 2021-08-16 8.1 High
A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when configured SAML service provider that could allow an attacker to hijack a session.
CVE-2021-22919 1 Citrix 21 4000-wo, 4100-wo, 5000-wo and 18 more 2021-08-16 7.5 High
A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to the limited available disk space on the appliances being fully consumed.
CVE-2020-8299 1 Citrix 17 Application Delivery Controller, Application Delivery Controller Firmware, Gateway and 14 more 2021-06-24 6.5 Medium
Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix SD-WAN WANOP Edition before 11.4.0, 11.3.2, 11.3.1a, 11.2.3a, 11.1.2c, 10.2.9a suffers from uncontrolled resource consumption by way of a network-based denial-of-service from within the same Layer 2 network segment. Note that the attacker must be in the same Layer 2 network segment as the vulnerable appliance.