CVE-2007-6192 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2007-6192

CWE

https://cwe.mitre.org/data/definitions/310.html

The web management interface in Citrix NetScaler 8.0 build 47.8 uses weak encryption (XOR of unpadded data) to store credentials within a cookie, which makes it easier for remote attackers to obtain cleartext credentials when a cookie is captured via a known-plaintext attack.

Affected Software

Name	Vendor	Start Version	End Version
Netscaler	Citrix	8.0-build_47.8 (including)	8.0-build_47.8 (including)

References

http://securityreason.com/securityalert/3409
http://securitytracker.com/id?1018991
http://www.securityfocus.com/archive/1/484182/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/38646
http://securityreason.com/securityalert/3409
http://securitytracker.com/id?1018991
http://www.securityfocus.com/archive/1/484182/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/38646