Details of VAR-201802-0928

ID

VAR-201802-0928

CVE

CVE-2018-6186

TITLE

Citrix NetScaler VPX Server-side request forgery vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-001751

DESCRIPTION

Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/read_url URI by an authenticated attacker who has a webapp account. The attacker can gain access to the nsroot account, and execute remote commands with root privileges. Citrix NetScaler VPX Contains a server-side request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NetScaler VPX provides complete NetScalerWeb and application load balancing, security and remote access, acceleration, security and offload capabilities with simple, easy-to-install virtual appliances. A server-side request forgery vulnerability exists in CitrixNetScalerVPX. Citrix NetScaler VPX is prone to a privilege-escalation vulnerability

Trust: 2.52

sources: NVD: CVE-2018-6186 // JVNDB: JVNDB-2018-001751 // CNVD: CNVD-2018-03806 // BID: 102915 // VULMON: CVE-2018-6186

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-03806

AFFECTED PRODUCTS

vendor:	citrix	model:	netscaler	scope:	eq	version:	12.0	Trust: 1.6
vendor:	citrix	model:	netscaler vpx	scope:	eq	version:	9.3	Trust: 0.9
vendor:	citrix	model:	netscaler vpx 12.0.build	scope:	eq	version:	53.13	Trust: 0.9
vendor:	citrix	model:	netscaler vpx	scope:	eq	version:	10.0	Trust: 0.9
vendor:	citrix	model:	netscaler	scope:	lte	version:	vpx ns12.0 53.13.nc	Trust: 0.8

sources: CNVD: CNVD-2018-03806 // BID: 102915 // JVNDB: JVNDB-2018-001751 // CNNVD: CNNVD-201802-012 // NVD: CVE-2018-6186

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-6186
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-6186
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-03806
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201802-012
value:	CRITICAL
Trust: 0.6
VULMON:	CVE-2018-6186
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-6186
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2018-03806
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2018-6186
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-03806 // VULMON: CVE-2018-6186 // JVNDB: JVNDB-2018-001751 // CNNVD: CNNVD-201802-012 // NVD: CVE-2018-6186

PROBLEMTYPE DATA

problemtype:

CWE-918

Trust: 1.8

sources: JVNDB: JVNDB-2018-001751 // NVD: CVE-2018-6186

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201802-012

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201802-012

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-001751

PATCH

title:	CTX232161	url:	https://support.citrix.com/article/CTX232161	Trust: 0.8
title:	Citrix Security Bulletins: Citrix NetScaler Application Delivery Controller and NetScaler Gateway Multiple Security Updates	url:	https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=cf8a157f0a34d7fb512f6c61c9c75a50	Trust: 0.1

sources: VULMON: CVE-2018-6186 // JVNDB: JVNDB-2018-001751

EXTERNAL IDS

db:	NVD	id:	CVE-2018-6186	Trust: 3.4
db:	BID	id:	102915	Trust: 1.4
db:	SECTRACK	id:	1040440	Trust: 1.1
db:	JVNDB	id:	JVNDB-2018-001751	Trust: 0.8
db:	CNVD	id:	CNVD-2018-03806	Trust: 0.6
db:	CNNVD	id:	CNNVD-201802-012	Trust: 0.6
db:	VULMON	id:	CVE-2018-6186	Trust: 0.1

sources: CNVD: CNVD-2018-03806 // VULMON: CVE-2018-6186 // BID: 102915 // JVNDB: JVNDB-2018-001751 // CNNVD: CNNVD-201802-012 // NVD: CVE-2018-6186

REFERENCES

url:	https://gist.github.com/buxu/04ce809eb8b32ef57e232eab5e61f023	Trust: 2.0
url:	https://nvd.nist.gov/vuln/detail/cve-2018-6186	Trust: 1.4
url:	http://www.securityfocus.com/bid/102915	Trust: 1.2
url:	https://support.citrix.com/article/ctx232161	Trust: 1.2
url:	http://www.securitytracker.com/id/1040440	Trust: 1.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6186	Trust: 0.8
url:	http://www.citrix.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/918.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2018-03806 // VULMON: CVE-2018-6186 // BID: 102915 // JVNDB: JVNDB-2018-001751 // CNNVD: CNNVD-201802-012 // NVD: CVE-2018-6186

CREDITS

buxu

Trust: 0.3

sources: BID: 102915

SOURCES

db:	CNVD	id:	CNVD-2018-03806
db:	VULMON	id:	CVE-2018-6186
db:	BID	id:	102915
db:	JVNDB	id:	JVNDB-2018-001751
db:	CNNVD	id:	CNNVD-201802-012
db:	NVD	id:	CVE-2018-6186

LAST UPDATE DATE

2024-11-23T22:26:25.904000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-03806	date:	2018-02-28T00:00:00
db:	VULMON	id:	CVE-2018-6186	date:	2018-03-03T00:00:00
db:	BID	id:	102915	date:	2018-02-01T00:00:00
db:	JVNDB	id:	JVNDB-2018-001751	date:	2018-03-06T00:00:00
db:	CNNVD	id:	CNNVD-201802-012	date:	2018-02-02T00:00:00
db:	NVD	id:	CVE-2018-6186	date:	2024-11-21T04:10:14.873

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-03806	date:	2018-02-28T00:00:00
db:	VULMON	id:	CVE-2018-6186	date:	2018-02-01T00:00:00
db:	BID	id:	102915	date:	2018-02-01T00:00:00
db:	JVNDB	id:	JVNDB-2018-001751	date:	2018-03-06T00:00:00
db:	CNNVD	id:	CNNVD-201802-012	date:	2018-02-02T00:00:00
db:	NVD	id:	CVE-2018-6186	date:	2018-02-01T14:29:00.560