Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources
Metrics
Affected Vendors & Products
References
History
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
Wed, 13 Nov 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Netscaler
Netscaler adc Netscaler gateway |
|
Weaknesses | CWE-552 | |
CPEs | cpe:2.3:a:netscaler:adc:*:*:*:*:*:*:*:* cpe:2.3:a:netscaler:gateway:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Netscaler
Netscaler adc Netscaler gateway |
|
Metrics |
cvssV3_1
|
Tue, 12 Nov 2024 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources | |
Title | Authenticated user can access unintended user capabilities | |
References |
| |
Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: Citrix
Published: 2024-11-12T18:28:51.398Z
Updated: 2024-11-21T16:18:12.855Z
Reserved: 2024-09-06T17:18:27.467Z
Link: CVE-2024-8535
Vulnrichment
Updated: 2024-11-13T20:04:59.698Z
NVD
Status : Awaiting Analysis
Published: 2024-11-12T19:15:19.040
Modified: 2024-11-21T17:15:26.630
Link: CVE-2024-8535
Redhat
No data.