Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-5314

Опубликовано: 01 мар. 2018
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition 9.3.0 allows remote attackers to execute a system command or read arbitrary files via an SSH login prompt.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:citrix:netscaler_application_delivery_controller:11.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:netscaler_application_delivery_controller:11.1:*:*:*:*:*:*:*
cpe:2.3:a:citrix:netscaler_application_delivery_controller:12.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:netscaler_gateway:11.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:netscaler_gateway:11.1:*:*:*:*:*:*:*
cpe:2.3:a:citrix:netscaler_gateway:12.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:netscaler_sd-wan:9.3.0:*:*:*:wan_optimization:*:*:*

EPSS

Процентиль: 87%
0.03308
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-287

Связанные уязвимости

github логотип

GHSA-q654-j343-6r89

CVSS3: 7.5
github
больше 3 лет назад

Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition 9.3.0 allows remote attackers to execute a system command or read arbitrary files via an SSH login prompt.

EPSS

Процентиль: 87%
0.03308
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-287