CyberSec.Space Logo
返回 CVE 浏览器

CVE-2015-3642

MEDIUM
5.9
CVSS Severity Score
EPSS Score0.0740%
EPSS Percentile9.02th
Published2017年8月2日
Last Modified2026年5月13日

Vulnerability Description

The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with firmware 9.x before 9.3 Build 68.5, 10.0 through Build 78.6, 10.1 before Build 130.13, 10.1.e before Build 130.1302.e, 10.5 before Build 55.8, and 10.5.e before Build 55.8007.e makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).

Affected Platforms (CPE)

🔌
Citrix

Netscaler Application Delivery Controller

All versions
🔌
Citrix

Netscaler Gateway

All versions

References & Advisories

🔗 http://support.citrix.com/article/CTX200378
🔗 http://support.citrix.com/article/CTX200378

相关漏洞威胁

CVE-2014-288110.0

Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler...

CVE-2014-288210.0

Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway be...

CVE-2013-694110.0

Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, ...

CVE-2015-553810.0

Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 B...