cpe:2.3:o:citrix:netscaler_gateway_firmware:12.1.49.23:*:*:*:*:*:*:*
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in Stored Cross-Site Scripting (XSS).
Max CVSS
6.1
EPSS Score
0.08%
Published
2020-07-10
Updated
2020-07-13
Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access to execute arbitrary commands.
Max CVSS
8.8
EPSS Score
0.10%
Published
2020-07-10
Updated
2021-07-21

CVE-2020-8196

Known exploited
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.
Max CVSS
4.3
EPSS Score
0.20%
Published
2020-07-10
Updated
2022-09-20
CISA KEV Added
2021-11-03

CVE-2020-8195

Known exploited
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.
Max CVSS
6.5
EPSS Score
87.95%
Published
2020-07-10
Updated
2022-09-20
CISA KEV Added
2021-11-03
Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download.
Max CVSS
6.5
EPSS Score
97.36%
Published
2020-07-10
Updated
2020-07-13

CVE-2020-8193

Known exploited
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.
Max CVSS
6.5
EPSS Score
97.46%
Published
2020-07-10
Updated
2022-09-20
CISA KEV Added
2021-11-03
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows reflected Cross Site Scripting (XSS).
Max CVSS
6.1
EPSS Score
0.21%
Published
2020-07-10
Updated
2020-07-13
Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation.
Max CVSS
7.5
EPSS Score
0.10%
Published
2020-07-10
Updated
2020-07-13
8 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!