GradeZero Music Band

Monday, October 22, 2018

Citrix NetScaler SD-WAN bugs/fixes

Multiple vulnerabilities have been identified in the management interface of Citrix NetScaler SD-WAN physical appliances and virtual appliances. Collectively these vulnerabilities could allow an unauthenticated attacker with access to the management interface to compromise the host.



CVE-2018-17444 - Directory traversal in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.

CVE-2018-17445 - Command Injection in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.

CVE-2018-17446 - SQL Injection in in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.

CVE-2018-17447 - Information exposure through log files in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.

CVE-2018-17448 - Incorrect Access Controls in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.

CVE-2012-2104 - Munin Remote Command Injection Vulnerability.

CVE-2016-4793 - The clientIp function in CakePHP 3.2.4 and earlier allows remote attackers to spoof their IP via the CLIENT-IP HTTP header.

Citrix NetScaler SD-WAN WAN Optimization Edition is not affected.

Credits

Denis Kolegov, Nikita Oleksov, Nikolay Tkachenko, Oleg Broslavsky, Sergey Gordeychik

Kudos

Citrix Security Response Team

Details

Black Hat slides.
Upcoming talks at  CodeBlue and Power of Community.

Enjoy 

No comments:

Post a Comment