CVSS: 6.5EPSS: 97%CPEs: 20EXPL: 5CVE-2020-8193 – Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-8193
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints. Un control de acceso inapropiado en Citrix ADC y Citrix Gateway versiones anteriores a 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 y 10.5-70.18 y Citrix SDWAN WAN-OP versiones anteriores a 11.1.1a, 11.0.3d y 10.2.7, permite un acceso no autenticado a determinados endpoints de URL Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an authorization bypass vulnerability that may allow unauthenticated access to certain URL endpoints. The attacker must have access to the NetScaler IP (NSIP) in order to perform exploitation. • https://github.com/jas502n/CVE-2020-8193 https://github.com/Airboi/Citrix-ADC-RCE-CVE-2020-8193 https://github.com/PR3R00T/CVE-2020-8193-Citrix-Scanner https://github.com/ctlyz123/CVE-2020-8193 http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.html https://support.citrix.com/article/CTX276688 • CWE-284: Improper Access Control CWE-287: Improper Authentication •
CVSS: 6.1EPSS: 0%CPEs: 20EXPL: 0CVE-2020-8191
https://notcve.org/view.php?id=CVE-2020-8191
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows reflected Cross Site Scripting (XSS). Una comprobación de entrada inapropiada en versiones de Citrix ADC y Citrix Gateway versiones anteriores a 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 y 10.5-70.18 y Citrix SDWAN WAN-OP versiones anteriores a 11.1.1a, 11.0.3d y 10.2.7, permite un ataque de tipo Cross Site Scripting (XSS) reflejado • https://support.citrix.com/article/CTX276688 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-8187
https://notcve.org/view.php?id=CVE-2020-8187
Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack. Una comprobación de entrada inapropiada en Citrix ADC y Citrix Gateway versiones anteriores a 11.1-63.9 y 12.0-62.10, permite a usuarios no autenticados llevar a cabo un ataque de denegación de servicio • https://support.citrix.com/article/CTX276688 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2020-8190
https://notcve.org/view.php?id=CVE-2020-8190
Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation. Unos permisos de archivo incorrectos en Citrix ADC y Citrix Gateway versiones anteriores a 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 y 10.5-70.18, permiten una escalada de privilegios • https://support.citrix.com/article/CTX276688 • CWE-281: Improper Preservation of Permissions •
CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 1CVE-2020-10112 – Citrix Gateway 11.1 / 12.0 / 12.1 Cache Poisoning
https://notcve.org/view.php?id=CVE-2020-10112
Citrix Gateway 11.1, 12.0, and 12.1 allows Cache Poisoning. NOTE: Citrix disputes this as not a vulnerability. By default, Citrix ADC only caches static content served under certain URL paths for Citrix Gateway usage. No dynamic content is served under these paths, which implies that those cached pages would not change based on parameter values. All other data traffic going through Citrix Gateway are NOT cached by default ** EN DISPUTA ** Citrix Gateway 11.1, 12.0 y 12.1 permite el envenenamiento de caché. • http://packetstormsecurity.com/files/156660/Citrix-Gateway-11.1-12.0-12.1-Cache-Poisoning.html http://seclists.org/fulldisclosure/2020/Mar/8 https://support.citrix.com/search • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •