Main Vulnerability Database SB2018051712

SB2018051712 - Privilege escalation in Citrix NetScaler Application Delivery Controller and NetScaler Gateway

Published: May 17, 2018

Security Bulletin ID SB2018051712

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Adjecent network

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Privilege escalation (CVE-ID: CVE-2018-7218)

The vulnerability allows an adjacent attacker to gain elevated privileges.

The weakness exists in the AppFirewall feature due to improper access control. An adjacent attacker can gain elevated privileges and execute arbitrary code and compromise the host system.

Remediation

Install update from vendor's website.

References

https://support.citrix.com/article/CTX234869