CVE-2020-6175
published 2020-03-16CVE-2020-6175: Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation.
PriorityP429medium5.9CVSS 3.1
AVNACHPRNUINSUCHINAN
EPSS
0.59%
43.8th percentile
Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | citrix_adm | — | — |
| citrix | citrix_hypervisor | — | — |
| citrix | citrix_sd-wan_center | 10.1.1 – 10.1.2 | — |
| citrix | citrix_sd-wan_center | >= 10.2.0 < 10.2.6 | 10.2.6 |
| citrix | citrix_sd-wan_center | >= 11.0.0 < 11.0.3 | 11.0.3 |
| citrix | citrix_virtual_apps_and_desktops | — | — |
| citrix | endpoint_management | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | netscaler_sd-wan_center | <= 10.0.8 | — |
| citrix | sd-wan | — | — |
| citrix | xenserver | — | — |
CVSS provenance
nvdv3.15.9MEDIUMCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Citrix
CVE-2020-6175: Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation.
vendor_citrix·2020-03-16·CVSS 5.9
CVE-2020-6175 [MEDIUM] CWE-295 CVE-2020-6175: Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation.
CVE-2020-6175: Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation.
Citrix
Citrix Security Bulletin CTX263526
vendor_citrix·CVSS 5.9
CVE-2020-6175 [MEDIUM] Citrix Security Bulletin CTX263526
Citrix Security Bulletin CTX263526
CVE References: CVE-2020-6175, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
GHSA
GHSA-w8xf-5mxg-f2r2: Citrix SD-WAN 10
ghsa_unreviewed·2022-05-24
CVE-2020-6175 [MEDIUM] GHSA-w8xf-5mxg-f2r2: Citrix SD-WAN 10
Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2020-03-16
Published