CVE-2022-27505 - OpenCVE

Reflected cross site scripting (XSS)

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Citrix	Sd-wan 4100 Firmware Sd-wan 6100 Firmware Sd-wan 6100 Sd-wan 2100 Sd-wan 2000 Sd-wan 4000 Firmware Sd-wan 210 Sd-wan 210 Firmware Sd-wan 1100 Firmware Sd-wan 4000 Sd-wan 110 Sd-wan 110 Firmware Sd-wan 1100 Sd-wan 410 Firmware Sd-wan 5100 Firmware Sd-wan 5100 Sd-wan 410 Sd-wan 400 Firmware Sd-wan 2000 Firmware Sd-wan 400 Sd-wan 1000 Sd-wan 1000 Firmware Sd-wan 4100 Sd-wan 2100 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:citrix:sd-wan_110_firmware:*:*:*:*:standard:*:*:*

cpe:2.3:h:citrix:sd-wan_110:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:citrix:sd-wan_210_firmware:*:*:*:*:standard:*:*:*

cpe:2.3:h:citrix:sd-wan_210:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:citrix:sd-wan_400_firmware:*:*:*:*:standard:*:*:*

cpe:2.3:h:citrix:sd-wan_400:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:citrix:sd-wan_410_firmware:*:*:*:*:standard:*:*:*

cpe:2.3:h:citrix:sd-wan_410:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

OR	cpe:2.3:o:citrix:sd-wan_1000_firmware:::::premium:::*
	cpe:2.3:o:citrix:sd-wan_1000_firmware:::::standard:::*

cpe:2.3:h:citrix:sd-wan_1000:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

OR	cpe:2.3:o:citrix:sd-wan_2000_firmware:::::premium:::*
	cpe:2.3:o:citrix:sd-wan_2000_firmware:::::standard:::*

cpe:2.3:h:citrix:sd-wan_2000:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

OR	cpe:2.3:o:citrix:sd-wan_2100_firmware:::::premium:::*
	cpe:2.3:o:citrix:sd-wan_2100_firmware:::::standard:::*

cpe:2.3:h:citrix:sd-wan_2100:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:citrix:sd-wan_4000_firmware:*:*:*:*:standard:*:*:*

cpe:2.3:h:citrix:sd-wan_4000:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:citrix:sd-wan_4100_firmware:*:*:*:*:standard:*:*:*

cpe:2.3:h:citrix:sd-wan_4100:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

OR	cpe:2.3:o:citrix:sd-wan_5100_firmware:::::premium:::*
	cpe:2.3:o:citrix:sd-wan_5100_firmware:::::standard:::*

cpe:2.3:h:citrix:sd-wan_5100:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

OR	cpe:2.3:o:citrix:sd-wan_6100_firmware:::::premium:::*
	cpe:2.3:o:citrix:sd-wan_6100_firmware:::::standard:::*

cpe:2.3:h:citrix:sd-wan_6100:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

OR	cpe:2.3:o:citrix:sd-wan_1100_firmware:::::premium:::*
	cpe:2.3:o:citrix:sd-wan_1100_firmware:::::standard:::*

cpe:2.3:h:citrix:sd-wan_1100:-:*:*:*:*:*:*:*

References

Link	Resource
https://support.citrix.com/article/CTX370550	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Citrix

Published: 2022-04-12T00:00:00

Updated: 2022-04-13T17:06:05

Reserved: 2022-03-21T00:00:00

Link: CVE-2022-27505

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-04-13T18:15:14.360

Modified: 2022-04-21T20:21:52.673

Link: CVE-2022-27505

JSON object: View

Redhat Information

No data.

CWE

CWE-79