Vulnerability CVE-2007-6193
Published: 2007-11-29   Modified: 2012-02-12

Description:
The web management interface in Citrix NetScaler 8.0 build 47.8 stores the device's primary IP address in a cookie, which might allow remote attackers to obtain sensitive network configuration information if this address is not the same as the address being used by the web interface.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Citrix NetScaler Web Management Cookie Weakness
nnposter
02.12.2007

Type:

CWE-200

 (Information Exposure)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Citrix -> Netscaler 

 References:
http://securityreason.com/securityalert/3409
http://www.securityfocus.com/archive/1/484182/100/0/threaded
Copyright 2024, cxsecurity.com

 

Back to Top