cvedb.io
CVE-2024-8535
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2024-11-12T19:15:19.040 · Last modified 2026-06-17T08:22:48.703

Summary

Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources

Affected products

citrix — netscaler_application_delivery_controller

Does this affect you?

Add your gear to cvedb and we'll alert you only when citrix ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.