Details of VAR-201803-2076

ID

VAR-201803-2076

CVE

CVE-2018-5314

TITLE

plural Citrix Command injection vulnerability in the product

Trust: 0.8

sources: JVNDB: JVNDB-2018-002511

DESCRIPTION

Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition 9.3.0 allows remote attackers to execute a system command or read arbitrary files via an SSH login prompt. plural Citrix The product contains a command injection vulnerability.Information may be obtained. Citrix NetScaler ADC and NetScaler Gateway are prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism. This may aid in further attacks. The following products are affected: Citrix NetScaler ADC and NetScaler Gateway version 12.0 builds 41.16, 41.22, 41.24, 51.24 and 53.6 Citrix NetScaler ADC and NetScaler Gateway version 11.1 builds 51.21, 51.26, 52.13, 53.11, 54.14, 54.16 and 55.10 Citrix NetScaler ADC and NetScaler Gateway version 11.0 build 70.12. Citrix NetScaler Application Delivery Controller, etc. are all products of Citrix Systems (Citrix Systems). NetScaler ADC is a service and application delivery solution (application delivery controller); NetScaler Gateway is a secure remote access solution. A command injection vulnerability exists in the management interface and NetScaler Load Balancing instances in several Citrix products. The following products are affected: NetScaler ADC 11.0 prior to 70.16, 11.1 prior to 55.13, 12.0 prior to 53.13; NetScaler Gateway 11.0 prior to 70.16, 11.1 prior to 55.13, 12.0 prior to 53.13 (management interface); SD-WAN/CloudBridge 4000 WAN Optimization Edition version 9.3.0; 4100 WAN Optimization Edition version 9.3.0; 5000 WAN Optimization Edition version 9.3.0; 5100 WAN Optimization Edition version 9.3.0 (NetScaler Load Balancing instance)

Trust: 1.98

sources: NVD: CVE-2018-5314 // JVNDB: JVNDB-2018-002511 // BID: 103186 // VULHUB: VHN-135345

AFFECTED PRODUCTS

vendor:	citrix	model:	netscaler gateway	scope:	eq	version:	11.1	Trust: 1.6
vendor:	citrix	model:	netscaler sd-wan	scope:	eq	version:	9.3.0	Trust: 1.6
vendor:	citrix	model:	netscaler gateway	scope:	eq	version:	12.0	Trust: 1.6
vendor:	citrix	model:	netscaler gateway	scope:	eq	version:	11.0	Trust: 1.6
vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	11.1	Trust: 1.6
vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	12.0	Trust: 1.6
vendor:	citrix	model:	netscaler application delivery controller	scope:	eq	version:	11.0	Trust: 1.6
vendor:	citrix	model:	netscaler application delivery controller	scope:	-	version:	-	Trust: 0.8
vendor:	citrix	model:	netscaler gateway	scope:	-	version:	-	Trust: 0.8
vendor:	citrix	model:	netscaler sd-wan	scope:	-	version:	-	Trust: 0.8
vendor:	citrix	model:	netscaler gateway build	scope:	eq	version:	12.053.6	Trust: 0.3
vendor:	citrix	model:	netscaler gateway build	scope:	eq	version:	12.051.24	Trust: 0.3
vendor:	citrix	model:	netscaler gateway build	scope:	eq	version:	12.041.24	Trust: 0.3
vendor:	citrix	model:	netscaler gateway build	scope:	eq	version:	12.041.22	Trust: 0.3
vendor:	citrix	model:	netscaler gateway build	scope:	eq	version:	12.041.16	Trust: 0.3
vendor:	citrix	model:	netscaler gateway build	scope:	eq	version:	11.155.10	Trust: 0.3
vendor:	citrix	model:	netscaler gateway build	scope:	eq	version:	11.154.16	Trust: 0.3
vendor:	citrix	model:	netscaler gateway build	scope:	eq	version:	11.154.14	Trust: 0.3
vendor:	citrix	model:	netscaler gateway build	scope:	eq	version:	11.153.11	Trust: 0.3
vendor:	citrix	model:	netscaler gateway build	scope:	eq	version:	11.152.13	Trust: 0.3
vendor:	citrix	model:	netscaler gateway build	scope:	eq	version:	11.151.26	Trust: 0.3
vendor:	citrix	model:	netscaler gateway build	scope:	eq	version:	11.151.21	Trust: 0.3
vendor:	citrix	model:	netscaler gateway build	scope:	eq	version:	11.070.12	Trust: 0.3
vendor:	citrix	model:	netscaler adc build	scope:	eq	version:	12.053.6	Trust: 0.3
vendor:	citrix	model:	netscaler adc build	scope:	eq	version:	12.051.24	Trust: 0.3
vendor:	citrix	model:	netscaler adc build	scope:	eq	version:	12.041.24	Trust: 0.3
vendor:	citrix	model:	netscaler adc build	scope:	eq	version:	12.041.22	Trust: 0.3
vendor:	citrix	model:	netscaler adc build	scope:	eq	version:	12.041.16	Trust: 0.3
vendor:	citrix	model:	netscaler adc build	scope:	eq	version:	11.155.10	Trust: 0.3
vendor:	citrix	model:	netscaler adc build	scope:	eq	version:	11.154.16	Trust: 0.3
vendor:	citrix	model:	netscaler adc build	scope:	eq	version:	11.154.14	Trust: 0.3
vendor:	citrix	model:	netscaler adc build	scope:	eq	version:	11.153.11	Trust: 0.3
vendor:	citrix	model:	netscaler adc build	scope:	eq	version:	11.152.13	Trust: 0.3
vendor:	citrix	model:	netscaler adc build	scope:	eq	version:	11.151.26	Trust: 0.3
vendor:	citrix	model:	netscaler adc build	scope:	eq	version:	11.151.21	Trust: 0.3
vendor:	citrix	model:	netscaler adc build	scope:	eq	version:	11.070.12	Trust: 0.3
vendor:	citrix	model:	netscaler gateway build	scope:	ne	version:	12.053.13	Trust: 0.3
vendor:	citrix	model:	netscaler gateway build	scope:	ne	version:	11.155.13	Trust: 0.3
vendor:	citrix	model:	netscaler gateway build	scope:	ne	version:	11.070.16	Trust: 0.3
vendor:	citrix	model:	netscaler adc build	scope:	ne	version:	12.053.13	Trust: 0.3
vendor:	citrix	model:	netscaler adc build	scope:	ne	version:	11.155.13	Trust: 0.3
vendor:	citrix	model:	netscaler adc build	scope:	ne	version:	11.070.16	Trust: 0.3

sources: BID: 103186 // JVNDB: JVNDB-2018-002511 // CNNVD: CNNVD-201803-031 // NVD: CVE-2018-5314

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-5314
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-5314
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201803-031
value:	HIGH
Trust: 0.6
VULHUB:	VHN-135345
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-5314
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-135345
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-5314
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-135345 // JVNDB: JVNDB-2018-002511 // CNNVD: CNNVD-201803-031 // NVD: CVE-2018-5314

PROBLEMTYPE DATA

problemtype:	CWE-287	Trust: 1.1
problemtype:	CWE-77	Trust: 0.9

sources: VULHUB: VHN-135345 // JVNDB: JVNDB-2018-002511 // NVD: CVE-2018-5314

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201803-031

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201803-031

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-002511

PATCH

title:	CTX232199	url:	https://support.citrix.com/article/CTX232199	Trust: 0.8
title:	Multiple Citrix Product Command Injection Vulnerability Fixes	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78826	Trust: 0.6

sources: JVNDB: JVNDB-2018-002511 // CNNVD: CNNVD-201803-031

EXTERNAL IDS

db:	NVD	id:	CVE-2018-5314	Trust: 2.8
db:	BID	id:	103186	Trust: 2.0
db:	SECTRACK	id:	1040439	Trust: 1.7
db:	JVNDB	id:	JVNDB-2018-002511	Trust: 0.8
db:	CNNVD	id:	CNNVD-201803-031	Trust: 0.6
db:	VULHUB	id:	VHN-135345	Trust: 0.1

sources: VULHUB: VHN-135345 // BID: 103186 // JVNDB: JVNDB-2018-002511 // CNNVD: CNNVD-201803-031 // NVD: CVE-2018-5314

REFERENCES

url:	https://support.citrix.com/article/ctx232199	Trust: 2.0
url:	http://www.securityfocus.com/bid/103186	Trust: 1.7
url:	http://www.securitytracker.com/id/1040439	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5314	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5314	Trust: 0.8
url:	http://www.citrix.com/	Trust: 0.3

sources: VULHUB: VHN-135345 // BID: 103186 // JVNDB: JVNDB-2018-002511 // CNNVD: CNNVD-201803-031 // NVD: CVE-2018-5314

CREDITS

xcuter, blankcon, nullbr4in, loupos, koredge of NAVER BUSINESS PLATFORM.

Trust: 0.3

sources: BID: 103186

SOURCES

db:	VULHUB	id:	VHN-135345
db:	BID	id:	103186
db:	JVNDB	id:	JVNDB-2018-002511
db:	CNNVD	id:	CNNVD-201803-031
db:	NVD	id:	CVE-2018-5314

LAST UPDATE DATE

2024-11-23T22:17:36.870000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-135345	date:	2019-10-03T00:00:00
db:	BID	id:	103186	date:	2018-02-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-002511	date:	2018-04-16T00:00:00
db:	CNNVD	id:	CNNVD-201803-031	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2018-5314	date:	2024-11-21T04:08:34.450

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-135345	date:	2018-03-01T00:00:00
db:	BID	id:	103186	date:	2018-02-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-002511	date:	2018-04-16T00:00:00
db:	CNNVD	id:	CNNVD-201803-031	date:	2018-03-02T00:00:00
db:	NVD	id:	CVE-2018-5314	date:	2018-03-01T17:29:00.477