CyberSec.Space Logo
Back to CVE Browser

CVE-2015-3642

MEDIUM
5.9
CVSS Severity Score
EPSS Score0.0740%
EPSS Percentile9.02th
PublishedAug 2, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with firmware 9.x before 9.3 Build 68.5, 10.0 through Build 78.6, 10.1 before Build 130.13, 10.1.e before Build 130.1302.e, 10.5 before Build 55.8, and 10.5.e before Build 55.8007.e makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).

Affected Platforms (CPE)

πŸ”Œ
Citrix

Netscaler Application Delivery Controller

All versions
πŸ”Œ
Citrix

Netscaler Gateway

All versions

References & Advisories

πŸ”— http://support.citrix.com/article/CTX200378
πŸ”— http://support.citrix.com/article/CTX200378

Related Vulnerabilities

CVE-2014-288110.0

Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler...

CVE-2014-288210.0

Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway be...

CVE-2013-694110.0

Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, ...

CVE-2015-553810.0

Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 B...