CVE-2009-2213

CVSS 6.5 - MEDIUM

Description

The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and earlier specifies Allow for the Default Authorization Action option, which might allow remote authenticated users to bypass intended access restrictions.

Affected Products

5

Vendor	Product	Version
citrix	netscaler_access_gateway_firmware	`All versions`
citrix	netscaler_access_gateway_firmware	`7.0`
citrix	netscaler_access_gateway_firmware	`8.0`
citrix	netscaler_access_gateway_firmware	`9.0`
citrix	netscaler_access_gateway	`-`

References

http://support.citrix.com/article/CTX118770

http://www.securityfocus.com/bid/35422

http://www.vupen.com/english/advisories/2009/1641

https://exchange.xforce.ibmcloud.com/vulnerabiliti...

http://support.citrix.com/article/CTX118770

http://www.securityfocus.com/bid/35422

http://www.vupen.com/english/advisories/2009/1641

https://exchange.xforce.ibmcloud.com/vulnerabiliti...

Weakness Types

CWE-863

CVE Information

CVE ID:: CVE-2009-2213
Published:: 2009-06-25
Modified:: 2026-04-23
CVSS Score:: 6.5
Severity:: MEDIUM
Vector:: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Vendors

citrix

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL