Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6192


Vulnerability Score 4.3 4.3
CVE Id CVE-2007-6192
Last Modified 05 Sep 2008 05:32:36
Published 29 Nov 2007 08:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



The web management interface in Citrix NetScaler 8.0 build 47.8 uses weak encryption (XOR of unpadded data) to store credentials within a cookie, which makes it easier for remote attackers to obtain cleartext credentials when a cookie is captured via a known-plaintext attack.

Vulnerable Systems


  • Citrix Netscaler 8.0


XF - netscaler-cookie-weak-encryption(38646)

BUGTRAQ - 20071126 Citrix NetScaler Web Management Cookie Weakness

SECTRACK - 1018991

SREASON - 3409

Last Updated: 27 May 2016 10:46:24