0.0
NA
CVE-2024-12284
Citrix NetScaler Console and Agent Authenticated Privilege Escalation
Description

Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows.

INFO

Published Date :

Feb. 20, 2025, 12:15 a.m.

Last Modified :

Feb. 20, 2025, 12:15 a.m.

Source :

[email protected]

Remotely Exploitable :

No

Impact Score :

Exploitability Score :

Affected Products

The following products are affected by CVE-2024-12284 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

: Total Affected Vendor : 0 | Products : 0
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-12284.

URL Resource
https://support.citrix.com/s/article/CTX692579-netscaler-console-and-netscaler-agent-security-bulletin-for-cve202412284?language=en_US

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-12284 vulnerability anywhere in the article.

  • TheCyberThrone
MongoDB is affected by Twin Critical Vulnerabilities

CVE-2025-23061: Mongoose Search Injection VulnerabilityDescription: CVE-2025-23061 is a critical vulnerability identified in Mongoose versions prior to 8.9.5. The vulnerability arises due to the impro ... Read more

Published Date: Feb 21, 2025 (14 hours, 10 minutes ago)
CVE-2024-12284 CVE-2025-1094 CVE-2025-23061 CVE-2024-53900
  • The Cyber Express
Improper Certificate Validation in RadiAnt DICOM Viewer Puts Healthcare Systems at Risk

A newly identified cybersecurity vulnerability in Medixant’s RadiAnt DICOM Viewer has raised concerns about potential security threats in the healthcare sector. The vulnerability tracked as CVE-2025-1 ... Read more

Published Date: Feb 21, 2025 (21 hours, 54 minutes ago)
CVE-2025-1001 CVE-2024-12284 CVE-2025-0994
  • TheCyberThrone
Atlassian’s Security Advisory Addresses Multiple Vulnerabilities

In February 2025, Atlassian released a comprehensive security advisory addressing 12 critical and high-severity vulnerabilities across its suite of products, including Bamboo, Bitbucket, Confluence, C ... Read more

Published Date: Feb 21, 2025 (1 day, 1 hour ago)
CVE-2024-12284 CVE-2025-1094 CVE-2024-12345 CVE-2024-12351 CVE-2024-12350 CVE-2024-12349 CVE-2024-12348 CVE-2024-12347 CVE-2024-12346 CVE-2024-47072 ...+4 more CVE
  • TheCyberThrone
CISA adds Craft CMS and PaloAlto Flaws to KEV Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) recently added two critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. These vulnerabilities are:CVE-2025-23209: ... Read more

Published Date: Feb 21, 2025 (1 day, 3 hours ago)
CVE-2024-12284 CVE-2025-1094 CVE-2025-0111 CVE-2025-23209
  • TheCyberThrone
CVE-2024-12284 impacts NetScaler

CVE-2024-12284 is a high severity vulnerability identified in the NetScaler Console (formerly NetScaler ADM) and NetScaler Console Agent.Vulnerability DetailsNature of CVE-2024-12284Description: CVE-2 ... Read more

Published Date: Feb 20, 2025 (1 day, 15 hours ago)
CVE-2024-12284 CVE-2025-1094
  • The Cyber Express
CVE-2024-12284: NetScaler Users Urged to Update Against Critical Flaw

Cloud Software Group released critical security updates to address a high-severity vulnerability in the NetScaler Console and NetScaler Console Agent, identified as CVE-2024-12284. This vulnerability ... Read more

Published Date: Feb 20, 2025 (1 day, 18 hours ago)
CVE-2024-12284
  • The Hacker News
Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability

Vulnerability / IT Security Citrix has released security updates for a high-severity security flaw impacting NetScaler Console (formerly NetScaler ADM) and NetScaler Agent that could lead to privilege ... Read more

Published Date: Feb 20, 2025 (1 day, 23 hours ago)
CVE-2024-12284
  • Cyber Security News
Windows Disk Cleanup Tool Vulnerability Exploited to Gain SYSTEM Privileges

Microsoft has addressed a critical vulnerability in the Windows Disk Cleanup Tool (cleanmgr.exe) in the February 2025 Patch Tuesday security updates. Tracked as CVE-2025-21420, the vulnerability has a ... Read more

Published Date: Feb 20, 2025 (2 days ago)
CVE-2024-12284 CVE-2025-21420 CVE-2025-21418 CVE-2025-21391 CVE-2025-21377 CVE-2025-21194
  • Cyber Security News
Citrix NetScaler Vulnerability Allows Unauthorized Command Execution

Cloud Software Group issued urgent patches on February 18, 2025, for a high-severity vulnerability (CVE-2024-12284) affecting its NetScaler Console (formerly NetScaler ADM) and NetScaler Agent. Rated ... Read more

Published Date: Feb 20, 2025 (2 days, 1 hour ago)
CVE-2024-12284 CVE-2025-21420 CVE-2024-20341 CVE-2024-6409 CVE-2024-6387
  • Cyber Security News
Critical Microsoft Bing Vulnerability Let Attackers Execute Code Remotely

Microsoft has addressed a critical security flaw in its Bing search engine, tracked as CVE-2025-21355, which could have allowed unauthorized attackers to execute arbitrary code remotely. The vulnerabi ... Read more

Published Date: Feb 20, 2025 (2 days, 2 hours ago)
CVE-2024-12284 CVE-2025-21355
  • Cybersecurity News
Amazon Prime Phishing Scam Steals Login, Payment Info

The Cofense Phishing Defense Center (PDC) has identified a new phishing campaign that specifically targets Amazon Prime users, attempting to steal login credentials, security answers, and payment deta ... Read more

Published Date: Feb 20, 2025 (2 days, 3 hours ago)
CVE-2024-12284 CVE-2024-4577
  • Cybersecurity News
CVE-2024-12284 in NetScaler Console Exposes Systems to Unauthorized Command Execution

Cloud Software Group has released a security bulletin addressing a high-severity vulnerability in its NetScaler Console and NetScaler Agent. Tracked as CVE-2024-12284, the flaw could allow authenticat ... Read more

Published Date: Feb 19, 2025 (2 days, 4 hours ago)
CVE-2024-12284 CVE-2023-6548

The following table lists the changes that have been made to the CVE-2024-12284 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • New CVE Received by [email protected]

    Feb. 20, 2025

    Action Type Old Value New Value
    Added Description Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows.
    Added CVSS V4.0 AV:A/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
    Added CWE CWE-269
    Added Reference https://support.citrix.com/s/article/CTX692579-netscaler-console-and-netscaler-agent-security-bulletin-for-cve202412284?language=en_US
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-12284 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-12284 weaknesses.

NONE - Vulnerability Scoring System
: