CVE-2019-19781

GPTKB entity

Statements (41)
Predicate Object
gptkbp:instanceOf cybersecurity vulnerability
gptkbp:access false
gptkbp:affects gptkb:Citrix_Gateway
gptkb:Citrix_ADC
Citrix SD-WAN WANOP
gptkbp:citation https://nvd.nist.gov/vuln/detail/CVE-2019-19781
https://support.citrix.com/article/CTX267027
gptkbp:CVSSv3_score 9.8
gptkbp:CVSSv3_severity Critical
gptkbp:describes A vulnerability in Citrix ADC and Gateway that allows unauthenticated remote code execution via directory traversal.
gptkbp:exploits true
gptkbp:hasCWE gptkb:CWE-22
gptkbp:hasVersion Citrix ADC 10.5
Citrix ADC 11.1
Citrix ADC 12.0
Citrix ADC 12.1
Citrix ADC 13.0
Citrix Gateway 10.5
Citrix Gateway 11.1
Citrix Gateway 12.0
Citrix Gateway 12.1
Citrix Gateway 13.0
Citrix SD-WAN WANOP 10.2.6
Citrix SD-WAN WANOP 11.0.3
Citrix SD-WAN WANOP 11.1.1
https://www.w3.org/2000/01/rdf-schema#label CVE-2019-19781
gptkbp:impact remote code execution
gptkbp:mainVendors gptkb:Citrix
gptkbp:mitigatedBy Apply vendor patch
Block access to /vpn/ directory
gptkbp:notableBattle Credential theft
Cryptomining
Ransomware deployment
gptkbp:patchAvailable true
gptkbp:publicDisclosure 2019-12-17
gptkbp:publicExploitAvailable true
gptkbp:vulnerableTo gptkb:CVE-2019-19781
path traversal
arbitrary code execution
gptkbp:bfsParent gptkb:Sodinokibi
gptkbp:bfsLayer 6