Detections
Analytics

Citrix NetScaler Gateway TLS Padding Oracle Vulnerability (CTX240139)

medium Nessus Plugin ID 121472

Language:

Synopsis

The remote device is affected by a padding oracle vulnerability.

Description

The remote Citrix NetScaler device is affected by a TLS padding oracle vulnerability. An attacker may be able to leverage this vulnerability to decrypt TLS traffic. Please refer to advisory CTX240139 for more information.

Note appliances with all CBC-based ciphers disabled are not affected by this vulnerability. Additionally, the following models are not affected:
 - MPX 5900 series
 - MPX/SDX 8900 series
 - MPX/SDX 15000-50G
 - MPX/SDX 26000-50S series
 - MPX/SDX 26000-100G series
 - MPX/SDX 26000 series
 - VPX

Solution

Upgrade to Citrix NetScaler Gateway version 10.5 build 69.5 / 11.0 build 72.17 / 11.1 build 60.14 / 12.0 build 60.9 / 12.1 build 50.31 or later.

See Also

https://support.citrix.com/article/CTX240139

Plugin Details

Severity: Medium

ID: 121472

File Name: citrix_netscaler_CTX240139.nasl

Version: 1.2

Type: combined

Family: CGI abuses

Published: 1/30/2019

Updated: 10/31/2019

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2019-6485

CVSS v3

Risk Factor: Medium

Base Score: 5.9

Temporal Score: 5.2

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:citrix:netscaler_access_gateway_firmware

Required KB Items: Host/NetScaler/Detected, Settings/ParanoidReport

Exploit Ease: No known exploits are available

Patch Publication Date: 1/23/2019

Vulnerability Publication Date: 1/23/2019

Reference Information

CVE: CVE-2019-6485