cbcvebase.
CVE-2020-8187
published 2020-07-10

CVE-2020-8187: Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service…

PriorityP338high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
1.95%
77.7th percentile
Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack.

Affected

12 ranges
VendorProductVersion rangeFixed in
citrixapplication_delivery_controller_firmware>= 11.1 < 11.1-63.911.1-63.9
citrixapplication_delivery_controller_firmware>= 12.0 < 12.0-62.1012.0-62.10
citrixcitrix_adc
citrixcitrix_application_delivery_controller
citrixcitrix_gateway
citrixcitrix_sd-wan_wanop
citrixnetscaler_adc
citrixnetscaler_gateway
citrixnetscaler_gateway_firmware>= 11.1 < 11.1-63.911.1-63.9
citrixnetscaler_gateway_firmware>= 12.0 < 12.0-62.1012.0-62.10
citrixsd-wan
citrixxenserver

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.