CVE-2019-12044

EUVD-2019-3698
A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23 and Citrix Application Delivery Controller 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
Affected Products (NVD)
VendorProductVersion
citrixnetscaler_gateway_firmware
10.5.0 ≤
𝑥
< 10.5.70
citrixnetscaler_gateway_firmware
11.1.0 ≤
𝑥
< 11.1.59.10
citrixnetscaler_gateway_firmware
12.0.0 ≤
𝑥
< 12.0.59.8
citrixnetscaler_gateway_firmware
12.1.0 ≤
𝑥
< 12.1.49.23
citrixnetscaler_application_delivery_controller_firmware
10.5.0 ≤
𝑥
< 10.5.70
citrixnetscaler_application_delivery_controller_firmware
11.1.0 ≤
𝑥
< 11.1.59.10
citrixnetscaler_application_delivery_controller_firmware
12.0.0 ≤
𝑥
< 12.0.59.8
citrixnetscaler_application_delivery_controller_firmware
12.1.0 ≤
𝑥
< 12.1.49.23
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.citrix.com/article/CTX249976
https://support.citrix.com/v1/search?searchQuery=%22%22&lang=en&sort=cr_date_desc&prod=&pver=&ct=Security+Bulletin
https://support.citrix.com/article/CTX249976
https://support.citrix.com/v1/search?searchQuery=%22%22&lang=en&sort=cr_date_desc&prod=&pver=&ct=Security+Bulletin