Citrix Application Delivery Controller Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Citrix Application Delivery Controller Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2019-18225 — CVSS 9.8 (critical): An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9…
CVE-2018-7218 — CVSS 9.8 (critical): The AppFirewall functionality in Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5 before Build 68.7, 11.0 before…
CVE-2020-8247 — CVSS 8.8 (high): Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before…
CVE-2020-8197 — CVSS 8.8 (high): Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and…
CVE-2021-22927 — CVSS 8.1 (high): A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when configured SAML service provider that could allow…
CVE-2020-8187 — CVSS 7.5 (high): Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform…
CVE-2020-8246 — CVSS 7.5 (high): Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before…
CVE-2020-8190 — CVSS 7.5 (high): Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18…
CVE-2021-22956 — CVSS 7.5 (high): An uncontrolled resource consumption vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 that could allow an…
CVE-2021-22955 — CVSS 7.5 (high): A unauthenticated denial of service vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 when configured as a VPN…
CVE-2021-22919 — CVSS 7.5 (high): A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler…
CVE-2017-14602 — CVSS 7.2 (high): A vulnerability has been identified in the management interface of Citrix NetScaler Application Delivery Controller (ADC) and NetScaler…
CVE-2020-8194 — CVSS 6.5 (medium): Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and…
CVE-2019-18177 — CVSS 6.5 (medium): In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN…
CVE-2020-8299 — CVSS 6.5 (medium): Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix…
CVE-2020-8300 — CVSS 6.5 (medium): Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS before 12.1-55.238 suffer from…
CVE-2020-8245 — CVSS 6.1 (medium): Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15…
CVE-2020-8198 — CVSS 6.1 (medium): Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18…
CVE-2020-8191 — CVSS 6.1 (medium): Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18…