CVE-2025-8424 | THREATINT

Description

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access to the appliance NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access

PUBLISHED Reserved 2025-07-31 | Published 2025-08-26 | Updated 2025-08-27 | Assigner Citrix

HIGH: 8.7CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

Problem types

CWE-1284 Improper Validation of Specified Quantity in Input

Product status

Default status

unaffected

14.1 before 47.48

affected

13.1 before 59.22

affected

13.1 FIPS and NDcPP before 37.241

affected

12.1 FIPS and NDcPP before 55.330

affected

Default status

unaffected

14.1 before 47.48

affected

13.1 before 59.22

affected

13.1 FIPS and NDcPP before 37.241

affected

12.1 FIPS and NDcPP before 55.330

affected

References

support.citrix.com/...search/article?articleNumber=CTX694938

cve.org (CVE-2025-8424)

nvd.nist.gov (CVE-2025-8424)

Download JSON

help @ threatint.eu