NVD disclosure day

Published threat advisories for July 16, 2019

CVE-2019-12991

Citrix SD-WAN Command Injection Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Citrix SD-WAN and NetScaler SD-WAN appliances are impacted by a vulnerability allowing command execution. This could lead to unauthorized access to data and disruption of network services, posing a significant business risk.

NVD published: July 16, 2019 • CISA KEV

CVE advisoryKnown Exploit

CVE-2019-12989

Citrix SD-WAN SQL Injection Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Citrix SD-WAN and NetScaler SD-WAN products contain a SQL injection vulnerability. This flaw could allow an attacker to access or modify sensitive data, potentially leading to data compromise and disruption of operations.

NVD published: July 16, 2019 • CISA KEV