The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with firmware 9.x prior to 9.3 Build 68.5, 10.0 through Build 78.6, 10.1 before Build 130.13, 10.1.e before Build 130.1302.e, 10.5 before Build 55.8, and 10.5.e before Build 55.8007.e makes it easier for man-in-the-middle malicious users to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
citrix netscaler application delivery controller - |
||
citrix netscaler gateway - |