CVE-2026-10817

Published Jun 30, 2026

Last updated 7 days ago

Overview

Description
Insufficient input validation leading to memory overread in NetScaler ADC and NetScaler Gateway if the TCP TimeStamp is enabled in TCP Profile and is associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler
Source
50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
NVD status
Analyzed
Products
netscaler_application_delivery_controller, netscaler_gateway

Risk scores

CVSS 4.0

Type
Secondary
Base score
6.9
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
MEDIUM

CVSS 3.1

Type
Primary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity
HIGH

Weaknesses

50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
CWE-125

Social media

Hype score
Not currently trending

Configurations