CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-21827
https://notcve.org/view.php?id=CVE-2022-21827
An improper privilege vulnerability has been discovered in Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows) <21.9.1.2 what could allow an attacker who has gained local access to a computer with Citrix Gateway Plug-in installed, to corrupt or delete files as SYSTEM. Se ha detectado una vulnerabilidad de privilegio inapropiado en Citrix Gateway Plug-in para Windows (Citrix Secure Access para Windows) versiones anteriores a 21.9.1.2, que podría permitir a un atacante que haya obtenido acceso local a un equipo con Citrix Gateway Plug-in instalado, corromper o eliminar archivos como SYSTEM • https://support.citrix.com/article/CTX341455 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-8258
https://notcve.org/view.php?id=CVE-2020-8258
Improper privilege management on services run by Citrix Gateway Plug-in for Windows, versions before and including 13.0-61.48 and 12.1-58.15, allows an attacker to modify arbitrary files. Una administración de privilegios inapropiada en los servicios ejecutados por Citrix Gateway Plug-in para Windows, versiones anteriores e incluyendo 13.0-61.48 y 12.1-58.15, permite a un atacante modificar archivos arbitrarios • https://support.citrix.com/article/CTX282684 • CWE-269: Improper Privilege Management •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-8257
https://notcve.org/view.php?id=CVE-2020-8257
Improper privilege management on services run by Citrix Gateway Plug-in for Windows, versions before and including 13.0-61.48 and 12.1-58.15, lead to privilege escalation attacks Una administración de privilegios inapropiada en los servicios ejecutados por Citrix Gateway Plug-in para Windows, versiones anteriores e incluyendo a 13.0-61.48 y 12.1-58.15, conlleva a ataques de escalada de privilegios • https://support.citrix.com/article/CTX282684 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8199
https://notcve.org/view.php?id=CVE-2020-8199
Improper access control in Citrix ADC Gateway Linux client versions before 1.0.0.137 results in local privilege escalation to root. Un control de acceso inapropiado en el cliente de Citrix ADC Gateway Linux versiones anteriores a 1.0.0.137, resulta en una escalada de privilegios locales a root • https://support.citrix.com/article/CTX276688 •
CVSS: 6.5EPSS: 89%CPEs: 21EXPL: 1CVE-2020-8195 – Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-8195
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users. Una comprobación de entrada inapropiada en Citrix ADC y Citrix Gateway versiones anteriores a 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 y 10.5-70.18 y Citrix SDWAN WAN-OP versiones anteriores a 11.1.1a, 11.0.3d y 10.2.7, resulta en una divulgación de información limitada para usuarios poco privilegiados Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability. • http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.html https://support.citrix.com/article/CTX276688 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •