Session hijacking in Citrix NetScaler - CVE-2016-9028


Published: November 2, 2016 / Updated: November 3, 2016


Vulnerability identifier: #VU1136
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2016-9028
CWE-ID: CWE-592
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Citrix
Affected software:
Citrix NetScaler

Detailed vulnerability description

The vulnerability allows a remote unauthenticated attacker to hijack a target user's session.
The weakness is due to an unauthorized redirect in the AAA for Traffic Management (AAA-TM) flow: the post-authentication redirect can be steered to an attacker-controlled location, which exposes the session cookie to the attacker and allows them to hijack the valid user's session.
Successful exploitation of the vulnerability leads to session theft.
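The defect class behind this advisory is an unvalidated post-login redirect target. The following is an added example, not code from Citrix or from NetScaler: it contrasts a naive "trusted host appears in the URL" check with a hardened one that parses the target, pins the scheme and host to an allowlist, and rebuilds the redirect URL from parsed parts rather than echoing the raw input. The host names, the ALLOWED_HOSTS set and the default landing page are hypothetical.

```python
"""Validating a post-authentication redirect target.

Added example (not Citrix/NetScaler code). Demonstrates why substring
and leading-slash checks fail, and one hardened alternative.
Host names below are hypothetical.
"""
from urllib.parse import urlsplit, urlunsplit

# Hypothetical: hosts the login flow may hand an authenticated session to.
ALLOWED_HOSTS = {"portal.example.com", "apps.example.com"}
DEFAULT_LANDING = "https://portal.example.com/"


def naive_is_safe(target: str) -> bool:
    """Weak check: accepts anything starting with '/' or mentioning a trusted
    host anywhere in the string. '//evil.example/' and
    'https://evil.example/?portal.example.com' both pass."""
    return target.startswith("/") or any(h in target for h in ALLOWED_HOSTS)


def hardened_redirect(target: str, default: str = DEFAULT_LANDING) -> str:
    """Return an absolute https URL on an allowlisted host, or `default`.

    The result is always rebuilt from parsed components, so a browser
    never sees the attacker's raw string (e.g. '///evil.example' would
    otherwise be normalised by the browser into a network-path URL)."""
    # Control characters, whitespace and backslashes are parsed differently
    # by browsers and servers; reject rather than try to normalise them.
    if any(ord(c) <= 0x20 or c == "\\" for c in target):
        return default

    parts = urlsplit(target)  # lowercases scheme and hostname for us

    if parts.scheme == "" and parts.netloc == "":
        # Same-origin relative path. urlsplit already consumed a leading
        # '//' as netloc, so a path here cannot name another host.
        path = parts.path
        if not path.startswith("/"):
            return default
        return urlunsplit(("https", "portal.example.com", path, parts.query, ""))

    # Absolute (or protocol-relative) target: every component is checked.
    if parts.scheme != "https":
        return default
    try:
        port = parts.port  # raises ValueError for a non-numeric port
    except ValueError:
        return default
    if port not in (None, 443):
        return default
    if parts.username is not None or parts.password is not None:
        # 'https://portal.example.com@evil.example/' lands on evil.example.
        return default
    host = parts.hostname
    if host is None or host not in ALLOWED_HOSTS:
        return default
    return urlunsplit(("https", host, parts.path or "/", parts.query, ""))


# Constructed sample targets, the kind a login form's `next` parameter might carry.
SAMPLE_TARGETS = [
    "/dashboard?tab=1",
    "//evil.example/",
    "https://evil.example/?portal.example.com",
    "https://portal.example.com@evil.example/",
    "https://portal.example.com.evil.example/",
    "https://apps.example.com/launch",
    "javascript:alert(1)",
]


def compare(targets=SAMPLE_TARGETS):
    """Return (target, naive_verdict, hardened_result) for each sample."""
    return [(t, naive_is_safe(t), hardened_redirect(t)) for t in targets]


if __name__ == "__main__":
    for target, naive, hardened in compare():
        print(f"{target!r:50} naive_ok={naive!s:5} -> {hardened}")
```

The point of rebuilding the URL with `urlunsplit` is that every accepted target leaves the function as `https://<allowlisted host><path>`; nothing the client supplied reaches the `Location` header unparsed, which is the property an AAA redirect needs if the session cookie is to stay on the intended host.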

How to mitigate CVE-2016-9028

Update to the fixed build for the branch in use: 10.1 Build 135.8, 10.5 Build 61.11, or 11.0 Build 65.31/65.35F.
