Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface.
References
Configurations
Configuration 1 (hide)
|
History
25 Jan 2024, 16:45
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CWE | CWE-94 | |
References | () https://support.citrix.com/article/CTX584986/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20236548-and-cve20236549 - Vendor Advisory | |
CPE | cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:* cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:* cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:* cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:ndcpp:*:*:* |
19 Jan 2024, 02:00
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-17 20:15
Updated : 2024-02-05 00:22
NVD link : CVE-2023-6548
Mitre link : CVE-2023-6548
CVE.ORG link : CVE-2023-6548
JSON object : View
Products Affected
citrix
- netscaler_application_delivery_controller
- netscaler_gateway
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')