CVE-2019-19781

CRITICAL WAF: High
CVSS 9.8 Published: 2019-12-27
CWE-22 CWE-22

An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.

WAF Coverage Analysis

Path Traversal High WAF Coverage

OWASP: A01:2021 Broken Access Control

930xxx - Local File Inclusion
Path Traversal High WAF Coverage

OWASP: A01:2021 Broken Access Control

930xxx - Local File Inclusion

Affected Software

VendorProductVersion
citrixapplication_delivery_controller_firmware10.5
citrixapplication_delivery_controller_firmware11.1
citrixapplication_delivery_controller_firmware12.0
citrixapplication_delivery_controller_firmware12.1
citrixapplication_delivery_controller_firmware13.0
citrixnetscaler_gateway_firmware10.5
citrixnetscaler_gateway_firmware11.1
citrixnetscaler_gateway_firmware12.0
citrixnetscaler_gateway_firmware12.1
citrixgateway_firmware13.0

References

Back to CVE Database