Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Application_delivery_controller_firmware | Citrix | 10.5 (including) | 10.5-70.18 (excluding) |
Application_delivery_controller_firmware | Citrix | 11.1 (including) | 11.1-64.14 (excluding) |
Application_delivery_controller_firmware | Citrix | 12.0 (including) | 12.0-63.21 (excluding) |
Application_delivery_controller_firmware | Citrix | 12.1 (including) | 12.1-57.18 (excluding) |
Application_delivery_controller_firmware | Citrix | 13.0 (including) | 13.0-58.30 (excluding) |