Vulnerability CVE-2019-12989

Vulnerability CVE-2019-12989

Published: 2019-07-16

Description:

	Topic	Author	Date
High	Citrix SD-WAN Appliance 10.2.2 Authentication Bypass / Remote Command Execution	Chris Lyne	16.07.2019

Type:

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.5/10	6.4/10	10/10

http://packetstormsecurity.com/files/153638/Citrix-SD-WAN-Appliance-10.2.2-Authentication-Bypass-Remote-Command-Execution.html

http://www.securityfocus.com/bid/109133

https://support.citrix.com/article/CTX251987

https://www.tenable.com/security/research/tra-2019-32