CVE-2017-6316

unknown KEV

Published 2022-03-25 · Modified 2022-03-25

CVSS v3

—

CVSS v2

—

VIR risk

1.5

Description

A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could result in an unauthenticated, remote attacker being able to execute arbitrary code as a root user. This vulnerability also affects XenMobile Server.

CISA KEV

Vendor: Citrix
Product: NetScaler SD-WAN Enterprise, CloudBridge Virtual WAN, and XenMobile Server
Due date: 2022-04-15

Predictions

Exploit likelihood

99%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cisa-kev — https://nvd.nist.gov/vuln/detail/CVE-2017-6316

Exploits

References

https://nvd.nist.gov/vuln/detail/CVE-2017-6316

Verify integrity in audit chain (admin only). AS-IS.