CVSS: 6.1EPSS: 0%CPEs: 20EXPL: 0CVE-2020-8198
https://notcve.org/view.php?id=CVE-2020-8198
10 Jul 2020 — Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in Stored Cross-Site Scripting (XSS). Una comprobación de entrada inapropiada en Citrix ADC y Citrix Gateway versiones anteriores a 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 y 10.5-70.18 y Citrix SDWAN WAN-OP versiones anteriores a 11.1.1a, 11.0.3d y 10.2.7, resulta en una vulnerabilidad de ... • https://support.citrix.com/article/CTX276688 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 79%CPEs: 20EXPL: 0CVE-2020-8194
https://notcve.org/view.php?id=CVE-2020-8194
10 Jul 2020 — Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download. Una inyección de código reflejado en Citrix ADC y Citrix Gateway versiones anteriores a 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 y 10.5-70.18 y Citrix SDWAN WAN-OP versiones anteriores a 11.1.1a, 11.0.3d y 10.2.7, permite la modificación de una descarga de a... • https://support.citrix.com/article/CTX276688 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.5EPSS: 94%CPEs: 20EXPL: 7CVE-2020-8193 – Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-8193
10 Jul 2020 — Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints. Un control de acceso inapropiado en Citrix ADC y Citrix Gateway versiones anteriores a 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 y 10.5-70.18 y Citrix SDWAN WAN-OP versiones anteriores a 11.1.1a, 11.0.3d y 10.2.7, permite un acceso no autenticado a... • https://packetstorm.news/files/id/160047 • CWE-284: Improper Access Control CWE-287: Improper Authentication •
CVSS: 6.1EPSS: 90%CPEs: 20EXPL: 0CVE-2020-8191
https://notcve.org/view.php?id=CVE-2020-8191
10 Jul 2020 — Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows reflected Cross Site Scripting (XSS). Una comprobación de entrada inapropiada en versiones de Citrix ADC y Citrix Gateway versiones anteriores a 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 y 10.5-70.18 y Citrix SDWAN WAN-OP versiones anteriores a 11.1.1a, 11.0.3d y 10.2.7, permite un ataque de ti... • https://support.citrix.com/article/CTX276688 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-8187
https://notcve.org/view.php?id=CVE-2020-8187
10 Jul 2020 — Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack. Una comprobación de entrada inapropiada en Citrix ADC y Citrix Gateway versiones anteriores a 11.1-63.9 y 12.0-62.10, permite a usuarios no autenticados llevar a cabo un ataque de denegación de servicio • https://support.citrix.com/article/CTX276688 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2020-8190
https://notcve.org/view.php?id=CVE-2020-8190
10 Jul 2020 — Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation. Unos permisos de archivo incorrectos en Citrix ADC y Citrix Gateway versiones anteriores a 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 y 10.5-70.18, permiten una escalada de privilegios • https://support.citrix.com/article/CTX276688 • CWE-281: Improper Preservation of Permissions •
CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0CVE-2013-3620
https://notcve.org/view.php?id=CVE-2013-3620
02 Jan 2020 — Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before 3.15 (SMT_X9_315) and firmware for Supermicro X8 generation motherboards before SMT X8 312. Credenciales WSMan embebidas en Intelligent Platform Management Interface (IPMI) con firmware para tarjetas madres generación X9 Supermicro versiones anteriores a la versión 3.15 (SMT_X9_315) y firmware para tarjetas madres generación X8 Supermicro versiones anteriores a la ve... • http://support.citrix.com/article/CTX216642 • CWE-522: Insufficiently Protected Credentials •
CVSS: 8.1EPSS: 9%CPEs: 10EXPL: 1CVE-2013-3619 – Supermicro Onboard IPMI Static SSL Certificate Scanner
https://notcve.org/view.php?id=CVE-2013-3619
02 Jan 2020 — Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before SMT_X9_317 and firmware for Supermicro X8 generation motherboards before SMT X8 312 contain harcoded private encryption keys for the (1) Lighttpd web server SSL interface and the (2) Dropbear SSH daemon. Intelligent Platform Management Interface (IPMI) con firmware para las tarjetas madres generación X9 Supermicro versiones anteriores a SMT_X9_317 y el firmware para las tarjetas madres generación ... • https://packetstorm.news/files/id/181030 • CWE-798: Use of Hard-coded Credentials •
CVSS: 9.8EPSS: 94%CPEs: 13EXPL: 53CVE-2019-19781 – Citrix ADC, Gateway, and SD-WAN WANOP Appliance Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-19781
27 Dec 2019 — An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal. Se descubrió un problema en Citrix Application Delivery Controller (ADC) and Gateway versiones 10.5, 11.1, 12.0, 12.1 y 13.0. Permiten un salto de directorio. Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an unspecified vulnerability that could allow an unauthenticated attacker to perform code execution. • https://packetstorm.news/files/id/181080 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 0CVE-2019-18225
https://notcve.org/view.php?id=CVE-2019-18225
21 Oct 2019 — An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9, 12.0 before build 62.10, 12.1 before build 54.16, and 13.0 before build 41.28. An attacker with management-interface access can bypass authentication to obtain appliance administrative access. These products formerly used the NetScaler brand name. Se detectó un problema en Citrix Application Delivery Controller (ADC) y Gateway versiones anteriores a 10.5 build 70.8, versio... • https://support.citrix.com/article/CTX261055 •