Published: 16/06/2021 Updated: 20/09/2022

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Citrix ADC and Citrix/NetScaler Gateway prior to 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS prior to 12.1-55.238 suffer from improper access control allowing SAML authentication hijack through a phishing attack to steal a valid user session. Note that Citrix ADC or Citrix Gateway must be configured as a SAML SP or a SAML IdP for this to be possible.

Vulnerable Product	Search on Vulmon	Subscribe to Product
citrix netscaler gateway
citrix gateway
citrix application_delivery_controller_firmware

Description of Problem Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO These vulnerabilities, if exploited, could result in the following security iss ...

Detect Citrix ADC SAML action or SAML iDP Profile config vulnerable to CVE-2020-8300 using Citrix ADC NITRO API

Detect Citrix ADC SAML action or SAML iDP Profile config vulnerable to CVE-2020-8300 using Citrix ADC NITRO API EXAMPLE & '\CitrixADC-CVE-2020-8300ps1' -NSIPProtocol http -NSIP 10101010 -user nitro -pass "SshhhItsASecret" If this proves useful to anyone I will develop further with the following functionality: Identify bindings for SAML Actions

NVD-CWE-Other https://support.citrix.com/article/CTX297155 https://nvd.nist.gov https://github.com/stuartcarroll/CitrixADC-CVE-2020-8300 https://support.citrix.com/article/CTX297155

CVE-2020-8300

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect