Details of VAR-201509-0317

ID

VAR-201509-0317

CVE

CVE-2015-5538

TITLE

Citrix NetScaler Application Delivery Controller and NetScaler Gateway Vulnerability gained in

Trust: 0.8

sources: JVNDB: JVNDB-2015-004890

DESCRIPTION

Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allow remote attackers to gain privileges via unknown vectors, related to the (1) Command Line Interface (CLI) and the (2) Web User Interface (UI). NetScaler ADC is a service and application delivery solution (application delivery controller); NetScaler Gateway is a secure remote access solution. A security vulnerability exists in Citrix Systems NetScaler ADC and NetScaler Gateway. A remote attacker could exploit this vulnerability to gain privileges. The following products and versions are affected: Citrix Systems NetScaler ADC and NetScaler Gateway 10.1 prior to Build 132.8, 10.5 prior to Build 57.7, and 10.5e prior to Build 56.1505.e

Trust: 1.8

sources: NVD: CVE-2015-5538 // JVNDB: JVNDB-2015-004890 // VULHUB: VHN-83499 // VULMON: CVE-2015-5538

AFFECTED PRODUCTS

vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	10.5	Trust: 1.6
vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	10.1	Trust: 1.6
vendor:	citrix	model:	netscaler gateway	scope:	eq	version:	10.5e	Trust: 1.6
vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	10.5e	Trust: 1.6
vendor:	citrix	model:	netscaler gateway	scope:	eq	version:	10.5	Trust: 1.6
vendor:	citrix	model:	netscaler gateway	scope:	eq	version:	10.1	Trust: 1.6
vendor:	citrix	model:	netscaler gateway	scope:	lt	version:	10.5e	Trust: 0.8
vendor:	citrix	model:	netscaler gateway	scope:	lt	version:	10.5	Trust: 0.8
vendor:	citrix	model:	netscaler gateway	scope:	eq	version:	10.5 build 57.7	Trust: 0.8
vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	10.5 build 57.7	Trust: 0.8
vendor:	citrix	model:	netscaler gateway	scope:	eq	version:	10.5e build 56.1505.e	Trust: 0.8
vendor:	citrix	model:	netscaler application delivery controller	scope:	lt	version:	10.5e	Trust: 0.8
vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	10.5e build 56.1505.e	Trust: 0.8
vendor:	citrix	model:	netscaler application delivery controller	scope:	lt	version:	10.5	Trust: 0.8

sources: JVNDB: JVNDB-2015-004890 // CNNVD: CNNVD-201509-223 // NVD: CVE-2015-5538

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-5538
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-5538
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201509-223
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-83499
value:	HIGH
Trust: 0.1
VULMON:	CVE-2015-5538
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-5538
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-83499
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-83499 // VULMON: CVE-2015-5538 // JVNDB: JVNDB-2015-004890 // CNNVD: CNNVD-201509-223 // NVD: CVE-2015-5538

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2015-5538

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201509-223

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-004890

PATCH

title:	CTX201334	url:	http://support.citrix.com/article/CTX201334	Trust: 0.8
title:	Citrix Security Bulletins: Citrix NetScaler Application Delivery Controller and NetScaler Gateway Multiple Security Updates	url:	https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=cb922395c3802bcb12cf5bf0bb4f8f49	Trust: 0.1

sources: VULMON: CVE-2015-5538 // JVNDB: JVNDB-2015-004890

EXTERNAL IDS

db:	NVD	id:	CVE-2015-5538	Trust: 2.6
db:	SECTRACK	id:	1033618	Trust: 1.2
db:	JVNDB	id:	JVNDB-2015-004890	Trust: 0.8
db:	CNNVD	id:	CNNVD-201509-223	Trust: 0.7
db:	VULHUB	id:	VHN-83499	Trust: 0.1
db:	VULMON	id:	CVE-2015-5538	Trust: 0.1

sources: VULHUB: VHN-83499 // VULMON: CVE-2015-5538 // JVNDB: JVNDB-2015-004890 // CNNVD: CNNVD-201509-223 // NVD: CVE-2015-5538

REFERENCES

url:	http://support.citrix.com/article/ctx201334	Trust: 1.9
url:	http://www.securitytracker.com/id/1033618	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5538	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5538	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-83499 // VULMON: CVE-2015-5538 // JVNDB: JVNDB-2015-004890 // CNNVD: CNNVD-201509-223 // NVD: CVE-2015-5538

SOURCES

db:	VULHUB	id:	VHN-83499
db:	VULMON	id:	CVE-2015-5538
db:	JVNDB	id:	JVNDB-2015-004890
db:	CNNVD	id:	CNNVD-201509-223
db:	NVD	id:	CVE-2015-5538

LAST UPDATE DATE

2024-11-23T22:42:27.495000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-83499	date:	2016-12-22T00:00:00
db:	VULMON	id:	CVE-2015-5538	date:	2016-12-22T00:00:00
db:	JVNDB	id:	JVNDB-2015-004890	date:	2015-09-29T00:00:00
db:	CNNVD	id:	CNNVD-201509-223	date:	2015-09-18T00:00:00
db:	NVD	id:	CVE-2015-5538	date:	2024-11-21T02:33:13.910

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-83499	date:	2015-09-17T00:00:00
db:	VULMON	id:	CVE-2015-5538	date:	2015-09-17T00:00:00
db:	JVNDB	id:	JVNDB-2015-004890	date:	2015-09-29T00:00:00
db:	CNNVD	id:	CNNVD-201509-223	date:	2015-09-18T00:00:00
db:	NVD	id:	CVE-2015-5538	date:	2015-09-17T16:59:02.730