CVE-2014-8580

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-8580
Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified configurations, allows remote authenticated users to access "network resources" of other users via unknown vectors.

4.9 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:S/C:P/I:P/A:N

Exploitability : 6.8 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://secunia.com/advisories/62114
http://support.citrix.com/article/CTX200254 Patch Vendor Advisory
http://www.securitytracker.com/id/1031212
https://exchange.xforce.ibmcloud.com/vulnerabilities/98661
http://secunia.com/advisories/62114
http://support.citrix.com/article/CTX200254 Patch Vendor Advisory
http://www.securitytracker.com/id/1031212
https://exchange.xforce.ibmcloud.com/vulnerabilities/98661
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.120.1316.e:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.121:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.122:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.123:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.124:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.125:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.126:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.127:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.128:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1.129:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5.50.10:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5.51.10:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.120.1316.e:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.121:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.122:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.123:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.124:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.125:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.126:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.127:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.128:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1.129:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5.50.10:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5.51.10:*:*:*:*:*:*:*
History

21 Nov 2024, 02:19

Type Values Removed Values Added
References () http://secunia.com/advisories/62114 - () http://secunia.com/advisories/62114 -
References () http://support.citrix.com/article/CTX200254 - Patch, Vendor Advisory () http://support.citrix.com/article/CTX200254 - Patch, Vendor Advisory
References () http://www.securitytracker.com/id/1031212 - () http://www.securitytracker.com/id/1031212 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/98661 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/98661 -
Information

Published : 2014-11-07 19:55

Updated : 2025-04-12 10:46

NVD link : CVE-2014-8580

Mitre link : CVE-2014-8580

CVE.ORG link : CVE-2014-8580

JSON object : View

Products Affected

citrix

  • netscaler_application_delivery_controller_firmware
  • netscaler_gateway_firmware
CWE
CWE-264

Permissions, Privileges, and Access Controls