CVE-2015-5080

high

Description

The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.1.132.8, 10.5 before Build 56.15, and 10.5.e before Build 56.1505.e allows remote authenticated users to execute arbitrary shell commands via shell metacharacters in the filter parameter to rapi/ipsec_logs.

References

http://www.securitytracker.com/id/1032762

http://www.securityfocus.com/bid/75505

http://support.citrix.com/article/CTX201149

http://security-assessment.com/files/documents/advisory/Citrix-Netscaler-Final.pdf

Details

Source: Mitre, NVD

Published: 2015-07-16

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00511