NVD - CVE-2021-22927

Vulnerability Change Records for CVE-2021-22927

Change History

Initial Analysis by NIST 8/16/2021 4:14:39 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		AND OR cpe:2.3:o:citrix:application_delivery_controller_firmware::::::::* versions from (including) 11.1 up to (excluding) 11.1-65.22 cpe:2.3:o:citrix:application_delivery_controller_firmware::::::::* versions from (including) 12.1 up to (excluding) 12.1-62.27 cpe:2.3:o:citrix:application_delivery_controller_firmware::::::::* versions from (including) 13.0 up to (excluding) 13.0-82.45 OR cpe:2.3:h:citrix:application_delivery_controller:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:citrix:application_delivery_controller_firmware::::::::* versions from (including) 12.1 up to (excluding) 12.1-55.238 OR cpe:2.3:h:citrix:mpx\/sdx_14030_fips:-:::::::* cpe:2.3:h:citrix:mpx\/sdx_14060_fips:-:::::::* cpe:2.3:h:citrix:mpx\/sdx_14080_fips:-:::::::* cpe:2.3:h:citrix:mpx_15030-50g_fips:-:::::::* cpe:2.3:h:citrix:mpx_15040-50g_fips:-:::::::* cpe:2.3:h:citrix:mpx_15060-50g_fips:-:::::::* cpe:2.3:h:citrix:mpx_15080-50g_fips:-:::::::* cpe:2.3:h:citrix:mpx_15100-50g_fips:-:::::::* cpe:2.3:h:citrix:mpx_15120-50g_fips:-:::::::* cpe:2.3:h:citrix:mpx_8905_fips:-:::::::* cpe:2.3:h:citrix:mpx_8910_fips:-:::::::* cpe:2.3:h:citrix:mpx_8920_fips:-:::::::*
Added	CPE Configuration		OR cpe:2.3:a:citrix:gateway::::::::* versions from (including) 12.1 up to (excluding) 12.1-62.27 cpe:2.3:a:citrix:gateway::::::::* versions from (including) 13.0 up to (excluding) 13.0-82.45 cpe:2.3:a:citrix:netscaler_gateway::::::::* versions from (including) 11.1 up to (excluding) 11.1-65.22
Added	CVSS V2		NIST (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Added	CVSS V2 Metadata		Victim must voluntarily interact with attack mechanism
Added	CVSS V3.1		NIST AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Added	CWE		NIST CWE-384
Changed	Reference Type	https://support.citrix.com/article/CTX319135 No Types Assigned	https://support.citrix.com/article/CTX319135 Vendor Advisory