CVE-2019-11550

EUVD-2019-3221
Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper Certificate Validation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
Affected Products (NVD)
VendorProductVersion
citrixnetscaler_sd-wan
9.0.0 ≤
𝑥
≤ 9.3.6
citrixnetscaler_sd-wan
10.0.0 ≤
𝑥
< 10.0.7
citrixsd-wan
10.1.0 ≤
𝑥
≤ 10.1.2
citrixsd-wan
10.2.0 ≤
𝑥
< 10.2.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.citrix.com/article/CTX247735
https://support.citrix.com/v1/search?searchQuery=%22%22&lang=en&sort=cr_date_desc&prod=&pver=&ct=Security+Bulletin
https://support.citrix.com/article/CTX247735
https://support.citrix.com/v1/search?searchQuery=%22%22&lang=en&sort=cr_date_desc&prod=&pver=&ct=Security+Bulletin