CVE-2016-2072

MEDIUM

Citrix Netscaler - Security Feature Bypass

Title source: rule

Description

The Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, 10.5.e before Build 59.1305.e, and 10.1 allows remote attackers to conduct clickjacking attacks via unspecified vectors.

References (2)

[Vendor Advisory] http://support.citrix.com/article/CTX206001

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1035098

Scores

CVSS v3 6.1

EPSS 0.0024

EPSS Percentile 46.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Classification

CWE

CWE-254

Status draft

Affected Products (4)

citrix/netscaler

Timeline

Published Feb 17, 2016

Tracked Since Feb 18, 2026