CVE-2023-6549
HIGH
8,2
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: low
Availability: high
Description
AI Translation Available
Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,7701
Percentile
1,0th
Updated
EPSS Score Trend (Last 90 Days)
119
Improper Restriction of Operations within the Bounds of a Memory Buffer
StableCommon Consequences
Security Scopes Affected:
Integrity
Confidentiality
Availability
Potential Impacts:
Execute Unauthorized Code Or Commands
Modify Memory
Read Memory
Dos: Crash, Exit, Or Restart
Dos: Resource Consumption (Cpu)
Dos: Resource Consumption (Memory)
Applicable Platforms
Languages:
Assembly, C, C++, Memory-Unsafe
Application
Netscaler Gateway by Citrix
Version Range Affected
From
14.1
(inclusive)
To
14.1-12.35
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Netscaler Application Delivery Controller by Citrix
Version Range Affected
From
13.1
(inclusive)
To
13.1-51.15
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Netscaler Application Delivery Controller by Citrix
Version Range Affected
From
14.1
(inclusive)
To
14.1-12.35
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Netscaler Gateway by Citrix
Version Range Affected
From
13.0
(inclusive)
To
13.0-92.21
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Netscaler Application Delivery Controller by Citrix
Version Range Affected
From
13.1
(inclusive)
To
13.1-37.176
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Netscaler Application Delivery Controller by Citrix
Version Range Affected
From
12.1
(inclusive)
To
12.1-55.302
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:ndcpp:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Netscaler Application Delivery Controller by Citrix
Version Range Affected
From
12.1
(inclusive)
To
12.1-55.302
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Netscaler Gateway by Citrix
Version Range Affected
From
13.1
(inclusive)
To
13.1-51.15
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Netscaler Application Delivery Controller by Citrix
Version Range Affected
From
13.0
(inclusive)
To
13.0-92.21
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023…
https://support.citrix.com/article/CTX584986/netscaler-adc-and-netscaler-gatewa…
https://support.citrix.com/article/CTX584986/netscaler-adc-and-netscaler-gatewa…