CVE-2024-8535 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	8.1 HIGH	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 69%

Affected Products (NVD)

Vendor	Product	Version
citrix	netscaler_application_delivery_controller	12.1 ≤ 𝑥 < 12.1-55.321
citrix	netscaler_application_delivery_controller	12.1 ≤ 𝑥 < 12.1-55.321
citrix	netscaler_application_delivery_controller	12.1 ≤ 𝑥 < 13.1-55.34
citrix	netscaler_application_delivery_controller	13.1 ≤ 𝑥 < 13.1-37.207
citrix	netscaler_application_delivery_controller	14.1 ≤ 𝑥 < 14.1-29.72
citrix	netscaler_gateway	12.1 ≤ 𝑥 < 13.1-55.34
citrix	netscaler_gateway	14.1 ≤ 𝑥 < 14.1-29.72

𝑥

= Vulnerable software versions

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
netscaler	adc	14.1 ≤ 𝑥 < 29.72	ADP
netscaler	adc	13.1 ≤ 𝑥 < 55.34	ADP
netscaler	adc	13.1fips ≤ 𝑥 < 37.207	ADP
netscaler	adc	12.1-fips ≤ 𝑥 < 55.321	ADP
netscaler	adc	12.1-ndcpp ≤ 𝑥 < 55.321	ADP
netscaler	gateway	14.1 ≤ 𝑥 < 29.72	ADP
netscaler	gateway	13.1 ≤ 𝑥 < 55.34	ADP
netscaler	gateway	13.1fips ≤ 𝑥 < 37.207	ADP
netscaler	gateway	12.1-fips ≤ 𝑥 < 55.321	ADP
netscaler	gateway	12.1-ndcpp ≤ 𝑥 < 55.321	ADP

Common Weakness Enumeration

CWE-552 - Files or Directories Accessible to External Parties
The product makes files or directories accessible to unauthorized actors, even though they should not be.

References

https://support.citrix.com/s/article/CTX691608-netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20248534-and-cve20248535?language=en_US