CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8199
https://notcve.org/view.php?id=CVE-2020-8199
Improper access control in Citrix ADC Gateway Linux client versions before 1.0.0.137 results in local privilege escalation to root. Un control de acceso inapropiado en el cliente de Citrix ADC Gateway Linux versiones anteriores a 1.0.0.137, resulta en una escalada de privilegios locales a root • https://support.citrix.com/article/CTX276688 •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2020-8197
https://notcve.org/view.php?id=CVE-2020-8197
Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access to execute arbitrary commands. Una vulnerabilidad de escalada de privilegios en Citrix ADC y Citrix Gateway versiones anteriores a 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 y 10.5-70.18, permite a un usuario poco privilegiado con acceso de administración ejecutar comandos arbitrarios • https://support.citrix.com/article/CTX276688 •
CVSS: 4.3EPSS: 0%CPEs: 20EXPL: 0CVE-2020-8196 – Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-8196
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users. Un control de acceso inapropiado en Citrix ADC y Citrix Gateway versiones anteriores a 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 y 10.5-70.18 y Citrix SDWAN WAN-OP versiones anteriores a 11.1.1a, 11.0.3d y 10.2.7, resulta en una divulgación de información limitada para usuarios poco privilegiados Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability. • http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.html https://support.citrix.com/article/CTX276688 • CWE-284: Improper Access Control CWE-287: Improper Authentication •
CVSS: 6.5EPSS: 89%CPEs: 21EXPL: 1CVE-2020-8195 – Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-8195
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users. Una comprobación de entrada inapropiada en Citrix ADC y Citrix Gateway versiones anteriores a 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 y 10.5-70.18 y Citrix SDWAN WAN-OP versiones anteriores a 11.1.1a, 11.0.3d y 10.2.7, resulta en una divulgación de información limitada para usuarios poco privilegiados Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability. • http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.html https://support.citrix.com/article/CTX276688 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 20EXPL: 0CVE-2020-8198
https://notcve.org/view.php?id=CVE-2020-8198
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in Stored Cross-Site Scripting (XSS). Una comprobación de entrada inapropiada en Citrix ADC y Citrix Gateway versiones anteriores a 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 y 10.5-70.18 y Citrix SDWAN WAN-OP versiones anteriores a 11.1.1a, 11.0.3d y 10.2.7, resulta en una vulnerabilidad de tipo Cross-Site Scripting (XSS) Almacenado • https://support.citrix.com/article/CTX276688 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •