Details of VAR-201606-0028

ID

VAR-201606-0028

CVE

CVE-2016-4945

TITLE

Citrix NetScaler Gateway of vpn/js/gateway_login_form_view.js Vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2016-002978

DESCRIPTION

Cross-site scripting (XSS) vulnerability in vpn/js/gateway_login_form_view.js in Citrix NetScaler Gateway 11.0 before Build 66.11 allows remote attackers to inject arbitrary web script or HTML via the NSC_TMAC cookie. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. Citrix NetScaler Gateway 11.x versions prior to 11.0 Build 66.11 are vulnerable. Note: Citrix NetScaler Gateway is formerly known as Citrix Access Gateway Enterprise Edition. This solution provides administrators with application-level and data-level control functions to enable users to remotely access applications and data from any location

Trust: 1.98

sources: NVD: CVE-2016-4945 // JVNDB: JVNDB-2016-002978 // BID: 90930 // VULHUB: VHN-93764

AFFECTED PRODUCTS

vendor:	citrix	model:	netscaler gateway 11.0	scope:	lte	version:	65.35	Trust: 1.0
vendor:	citrix	model:	netscaler gateway	scope:	lt	version:	11.0	Trust: 0.8
vendor:	citrix	model:	netscaler gateway	scope:	-	version:	-	Trust: 0.8
vendor:	citrix	model:	netscaler gateway	scope:	eq	version:	11.0 build 66.11	Trust: 0.8
vendor:	citrix	model:	netscaler gateway 11.0	scope:	eq	version:	-	Trust: 0.6

sources: JVNDB: JVNDB-2016-002978 // CNNVD: CNNVD-201605-705 // NVD: CVE-2016-4945

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-4945
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-4945
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201605-705
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-93764
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-4945
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-93764
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-4945
baseSeverity:	MEDIUM
baseScore:	6.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	2.7
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-93764 // JVNDB: JVNDB-2016-002978 // CNNVD: CNNVD-201605-705 // NVD: CVE-2016-4945

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 1.9

sources: VULHUB: VHN-93764 // JVNDB: JVNDB-2016-002978 // NVD: CVE-2016-4945

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201605-705

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201605-705

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-002978

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-93764

PATCH

title:	CTX213313	url:	http://support.citrix.com/article/CTX213313	Trust: 0.8
title:	Citrix NetScaler Gateway Fixes for cross-site scripting vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=62014	Trust: 0.6

sources: JVNDB: JVNDB-2016-002978 // CNNVD: CNNVD-201605-705

EXTERNAL IDS

db:	NVD	id:	CVE-2016-4945	Trust: 2.8
db:	PACKETSTORM	id:	137221	Trust: 1.7
db:	SECTRACK	id:	1036020	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-002978	Trust: 0.8
db:	CNNVD	id:	CNNVD-201605-705	Trust: 0.7
db:	BID	id:	90930	Trust: 0.4
db:	VULHUB	id:	VHN-93764	Trust: 0.1

sources: VULHUB: VHN-93764 // BID: 90930 // JVNDB: JVNDB-2016-002978 // CNNVD: CNNVD-201605-705 // NVD: CVE-2016-4945

REFERENCES

url:	http://support.citrix.com/article/ctx213313	Trust: 1.7
url:	http://packetstormsecurity.com/files/137221/citrix-netscaler-11.0-build-64.35-cross-site-scripting.html	Trust: 1.7
url:	http://persicon.com/tl_files/advisories/persicon-advisory-2016-no-1-citrix.txt	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/538515/100/0/threaded	Trust: 1.1
url:	http://www.securitytracker.com/id/1036020	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4945	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4945	Trust: 0.8
url:	http://www.securityfocus.com/archive/1/archive/1/538515/100/0/threaded	Trust: 0.6
url:	http://www.citrix.com	Trust: 0.3

sources: VULHUB: VHN-93764 // BID: 90930 // JVNDB: JVNDB-2016-002978 // CNNVD: CNNVD-201605-705 // NVD: CVE-2016-4945

CREDITS

Daniel Schliebner of PERSICON consultancy GmbH

Trust: 0.6

sources: CNNVD: CNNVD-201605-705

SOURCES

db:	VULHUB	id:	VHN-93764
db:	BID	id:	90930
db:	JVNDB	id:	JVNDB-2016-002978
db:	CNNVD	id:	CNNVD-201605-705
db:	NVD	id:	CVE-2016-4945

LAST UPDATE DATE

2024-11-23T23:05:35.757000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-93764	date:	2018-10-09T00:00:00
db:	BID	id:	90930	date:	2016-05-26T00:00:00
db:	JVNDB	id:	JVNDB-2016-002978	date:	2016-06-03T00:00:00
db:	CNNVD	id:	CNNVD-201605-705	date:	2016-06-02T00:00:00
db:	NVD	id:	CVE-2016-4945	date:	2024-11-21T02:53:15.867

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-93764	date:	2016-06-01T00:00:00
db:	BID	id:	90930	date:	2016-05-26T00:00:00
db:	JVNDB	id:	JVNDB-2016-002978	date:	2016-06-03T00:00:00
db:	CNNVD	id:	CNNVD-201605-705	date:	2016-05-31T00:00:00
db:	NVD	id:	CVE-2016-4945	date:	2016-06-01T22:59:06.940