CVE-2017-14602

HIGH Year: 2017
CVSS v3 Score
7.2
High
CVSS v2 Score
9.0
Critical
Weakness Type
CWE-287
View all →

Vulnerability Description

A vulnerability has been identified in the management interface of Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before build 135.18, 10.5 before build 66.9, 10.5e before build 60.7010.e, 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13 (except for build 41.24) that, if exploited, could allow an attacker with access to the NetScaler management interface to gain administrative access to the appliance.

Related Vulnerabilities

CVE-2016-10831

HIGH
CVSS:7.2(High)

cPanel before 55.9999.141 does not perform as two-factor authentication check when possessing another account (SEC-101).

CWE-2872016

CVE-2017-15519

HIGH
CVSS:7.2(High)

Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0...

CWE-2872017

CVE-2018-0116

HIGH
CVSS:7.2(High)

A vulnerability in the RADIUS authentication module of Cisco Policy Suite could allow an unauthenticated, remote attacker to be authorized as a subscriber without providing a valid password; however, ...

CWE-2872018

CVE-2018-7067

HIGH
CVSS:7.2(High)

A Remote Authentication bypass in Aruba ClearPass Policy Manager leads to complete cluster compromise. An authentication flaw in all versions of ClearPass could allow an attacker to compromise the ent...

CWE-2872018

CVE-2019-14705

HIGH
CVSS:7.2(High)

An Incorrect Access Control issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5 because any valid cookie can be used to make requests as an admin.

CWE-2872019

CVE-2020-13290

HIGH
CVSS:7.2(High)

In GitLab before 13.0.12, 13.1.6, and 13.2.3, improper access control was used on the Applications page

CWE-2872020