Vulnerability Description
In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects Citrix ADC and Citrix Gateway 13.0-58.30 and later releases before the CTX276688 update.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Citrix | Application Delivery Controller Firmware | < 13.0-58.30 |
| Citrix | Application Delivery Controller | - |
| Citrix | Gateway | < 13.0-58.30 |
Related Weaknesses (CWE)
References
- https://support.citrix.com/article/CTX276688/citrix-application-delivery-controlVendor Advisory
- https://support.citrix.com/article/CTX276688/citrix-application-delivery-controlVendor Advisory
FAQ
What is CVE-2019-18177?
CVE-2019-18177 is a vulnerability with a CVSS score of 6.5 (MEDIUM). In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects Citrix ADC and Citrix Gateway 13.0-58.30 and l...
How severe is CVE-2019-18177?
CVE-2019-18177 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-18177?
Check the references section above for vendor advisories and patch information. Affected products include: Citrix Application Delivery Controller Firmware, Citrix Application Delivery Controller, Citrix Gateway.