CVE-2009-2213

Sažetak

The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and earlier specifies Allow for the Default Authorization Action option, which might allow remote authenticated users to bypass intended access restrictions.

Reference

http://support.citrix.com/article/CTX118770
http://www.securityfocus.com/bid/35422
http://www.vupen.com/english/advisories/2009/1641
https://exchange.xforce.ibmcloud.com/vulnerabilities/51274

CVSS

Base:	6.3
Impact:	6.9
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:S/C:C/I:N/A:N

Zadnje važnije ažuriranje

09-01-2024 - 02:42

Objavljeno

25-06-2009 - 23:14