CVE-2020-8300

Published: 16/06/2021 Updated: 20/09/2022

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Citrix ADC and Citrix/NetScaler Gateway prior to 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS prior to 12.1-55.238 suffer from improper access control allowing SAML authentication hijack through a phishing attack to steal a valid user session. Note that Citrix ADC or Citrix Gateway must be configured as a SAML SP or a SAML IdP for this to be possible.

Vulnerable Product	Search on Vulmon	Subscribe to Product
citrix netscaler gateway
citrix gateway
citrix application delivery controller firmware

Description of Problem Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO These vulnerabilities, if exploited, could result in the following security iss ...

Detect Citrix ADC SAML action or SAML iDP Profile config vulnerable to CVE-2020-8300 using Citrix ADC NITRO API

Detect Citrix ADC SAML action or SAML iDP Profile config vulnerable to CVE-2020-8300 using Citrix ADC NITRO API EXAMPLE & '\CitrixADC-CVE-2020-8300ps1' -NSIPProtocol http -NSIP 10101010 -user nitro -pass "SshhhItsASecret" If this proves useful to anyone I will develop further with the following functionality: Identify bindings for SAML Actions

NVD-CWE-Other https://support.citrix.com/article/CTX297155 https://nvd.nist.gov https://github.com/stuartcarroll/CitrixADC-CVE-2020-8300 https://support.citrix.com/article/CTX297155

CVE-2020-8300

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect