CVE-2015-7996

{"id": "CVE-2015-7996", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-11-17T15:59:17.770", "references": [{"url": "http://support.citrix.com/article/CTX202482", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1034167", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow attackers to obtain credentials via the browser cache."}, {"lang": "es", "value": "La API Nitro en Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway en versiones anteriores a 10.1 Build 133.9, 10.5 en versiones anteriores a Build 58.11 y 10.5.e en versiones anteriores a Build 56.1505.e en dispositivos NetScaler Service Delivery Appliance Service VM (SVM) permite a atacantes obtener credenciales a trav\u00e9s de la cach\u00e9 del navegador."}], "lastModified": "2016-12-07T18:25:53.213", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD151FA3-8B96-48AF-B908-C29EAE88EF5B"}, {"criteria": "cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8C7525B-2A2D-43AF-8DA0-11FF28322337"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:citrix:netscaler_service_delivery_appliance_service_vm:10.5e:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40AFE347-13AE-4064-9E71-A9B1959CFABE"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A254925E-AD47-4722-AAB2-43A6FEA900AC"}, {"criteria": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E0FA8E2-3E8F-481E-8C39-FB00A9739DFC"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}