Published: 10/07/2020 Updated: 13/07/2020

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Improper input validation in Citrix ADC and Citrix Gateway versions prior to 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack.

Vulnerable Product	Search on Vulmon	Subscribe to Product
citrix application_delivery_controller_firmware
citrix netscaler_gateway_firmware

Description of Problem Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO These vulnerabilities, if exploited, could result in a number of security issues i ...

Citrix tells everyone not to worry too much about its latest security patches. NSA's former top hacker disagrees

The Register • Shaun Nichols in San Francisco • 08 Jul 2020

Eleven flaws cleaned up including one that may be exploited to sling malware downloads Australian PM says nation under serious state-run 'cyber attack' – Microsoft, Citrix, Telerik UI bugs 'exploited'

Citrix has issued patches for 11 CVE-listed security vulnerabilities in its various networking products. The bundle includes fixes for one code injection bug, three information disclosure flaws, three elevation of privilege bugs, two cross-site scripting vulnerabilities, one denial-of-service hole, and one authorization-bypass flaw. Affected gear includes the Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP. So far there have been no reports of any of the bug...

CVE-2020-8187

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Recent Articles

References

Vulmon Search

About

Products

Connect