CVE-2024-2049

Medium CVSS 6.5

Overview

Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP.

CWE: CWE-918 Published: 2024-03-12T13:15:49.807

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 6.5 (MEDIUM)
Detected tags: ssrf (tag impact: MODERATE)

Recommended actions:

Deny access to internal/metadata addresses; use outbound allowlists.

Overview

Recommended tools

Tags