CVE-2024-8535
5.8
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H
Summary
Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| NetScaler | NetScaler ADC | 14.1 < 29.72 | affected |
| NetScaler | NetScaler ADC | 13.1 < 55.34 | affected |
| NetScaler | NetScaler ADC | 13.1 FIPS < 37.207 | affected |
| NetScaler | NetScaler ADC | 12.1-FIPS < 55.321 | affected |
| NetScaler | NetScaler ADC | 12.1-NDcPP < 55.321 | affected |
| NetScaler | NetScaler Gateway | 14.1 < 29.72 | affected |
| NetScaler | NetScaler Gateway | 13.1 < 55.34 | affected |
| NetScaler | NetScaler Gateway | 13.1-FIPS < 37.207 | affected |
| NetScaler | NetScaler Gateway | 12.1-FIPS < 55.321 | affected |
| NetScaler | NetScaler Gateway | 12.1-NDcPP < 55.321 | affected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.