CVE-2024-6235: Sensitive information disclosure
9.4
CVSS
Description
Sensitive information disclosure in NetScaler Console
Classification
CVE ID: CVE-2024-6235
CVSS Base Severity: CRITICAL
CVSS Base Score: 9.4
CVSS Vector: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Affected Products
Vendor: NetScaler
Product: NetScaler Console
Nuclei Template
http/cves/2024/CVE-2024-6235.yaml
Exploit Prediction Scoring System (EPSS)
EPSS Score: 86.09% (probability of being exploited)
EPSS Percentile: 99.34% (scored less or equal to compared to others)
EPSS Date: 2025-05-22 (when was this score calculated)
Stakeholder-Specific Vulnerability Categorization (SSVC)
SSVC Exploitation: poc
SSVC Technical Impact: total
SSVC Automatable: false
References
https://nvd.nist.gov/vuln/detail/CVE-2024-6235https://support.citrix.com/article/CTX677998