What is the Citrix CNA?
Citrix is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 64 CVE records since 2022.
How many CVEs has Citrix published?
Citrix has published 64 CVE records, including 32 in the last two years.
What is Citrix's CVE data quality grade?
RadicalNotion.AI grades Citrix's CVE data quality as A, with an overall completeness score of 93%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (78.1%), and CWE (93.8%) information.
What products does Citrix publish CVEs for?
Citrix most frequently publishes CVEs for NetScaler Gateway, Gateway, NetScaler ADC, netscaler application delivery controller, application delivery controller.
Which vendors does Citrix cover?
Citrix publishes CVEs across 8 distinct vendors, most often Citrix, NetScaler, Cloud Software Group, Citirx, NetSclaer.
Is Citrix actively publishing CVEs?
Citrix is currently active, based on 32 CVEs in the last two years.
What is the average severity of Citrix's CVEs?
The average CVSS base score across Citrix's scored CVEs is 7.4.
How many critical CVEs has Citrix published?
Citrix has published 10 critical-severity CVEs and 26 high-severity CVEs.
Are any of Citrix's CVEs in CISA's Known Exploited Vulnerabilities catalog?
Yes. 11 of Citrix's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.
What are the most common weakness types in Citrix's CVEs?
Citrix's CVEs most often map to these CWE weakness types: CWE-269 (Improper Privilege Management), CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), CWE-284 (Improper Access Control), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')).
How does Citrix rank among CNAs?
By total CVE volume, Citrix ranks #147 of 370 CNAs, and it reports more complete CVE records than 39% of all CNAs.
