CVE-2019-10883
CRITICALCitrix SD-WAN Center 10.1.0-10.1.2 and NetScaler SD-WAN Center 9.1-9.3.6 - OS Command Injection
Title source: llmDescription
Citrix SD-WAN Center 10.2.x before 10.2.1 and NetScaler SD-WAN Center 10.0.x before 10.0.7 allow Command Injection.
References (4)
Core 4
Core References
Third Party Advisory x_refsource_misc
https://www.tenable.com/security/research
Vendor Advisory x_refsource_misc
https://support.citrix.com/v1/search?searchQuery=%22%22&lang=en&sort=cr_date_desc&prod=&pver=&ct=Security+Bulletin
Exploit, Third Party Advisory x_refsource_misc
https://www.tenable.com/security/research/tra-2019-18
Vendor Advisory x_refsource_confirm
https://support.citrix.com/article/CTX247737
Scores
CVSS v3
9.8
EPSS
0.4100
EPSS Percentile
97.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-78
Status
published
Products (2)
citrix/citrix_sd-wan_center
10.1.0 - 10.1.2
citrix/netscaler_sd-wan_center
9.1 - 9.3.6
Published
Jun 03, 2019
Tracked Since
Feb 18, 2026