The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with firmware 9.x prior to 9.3 Build 68.5, 10.0 through Build 78.6, 10.1 before Build 130.13, 10.1.e before Build 130.1302.e, 10.5 before Build 55.8, and 10.5.e before Build 55.8007.e makes it easier for man-in-the-middle malicious users to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
citrix netscaler_application_delivery_controller - |
||
citrix netscaler_gateway - |