CVE-2020-8187
published 2020-07-10CVE-2020-8187: Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service…
PriorityP338high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
1.95%
77.7th percentile
Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | application_delivery_controller_firmware | >= 11.1 < 11.1-63.9 | 11.1-63.9 |
| citrix | application_delivery_controller_firmware | >= 12.0 < 12.0-62.10 | 12.0-62.10 |
| citrix | citrix_adc | — | — |
| citrix | citrix_application_delivery_controller | — | — |
| citrix | citrix_gateway | — | — |
| citrix | citrix_sd-wan_wanop | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | netscaler_gateway_firmware | >= 11.1 < 11.1-63.9 | 11.1-63.9 |
| citrix | netscaler_gateway_firmware | >= 12.0 < 12.0-62.10 | 12.0-62.10 |
| citrix | sd-wan | — | — |
| citrix | xenserver | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Citrix
Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Update
vendor_citrix·2020-08-17·CVSS 6.5
CVE-2019-18177 [MEDIUM] Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Update
Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Update
of Problem Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could result in a number of security issues including: Attacks that are limited to the management interface System compromise by an unauthenticated user on the management network. System compromise through Cross Site Scripting (XSS) on the management interface Creation of a download link for the device which, if downloaded and then executed by an unauthenticated user on the management network, may result in the c
Citrix
CVE-2020-8187: Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial o
vendor_citrix·2020-07-10·CVSS 7.5
CVE-2020-8187 [HIGH] CWE-20 CVE-2020-8187: Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial o
CVE-2020-8187: Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack.
GHSA
GHSA-qq2f-8prw-23j6: Improper input validation in Citrix ADC and Citrix Gateway versions before 11
ghsa_unreviewed·2022-05-24
CVE-2020-8187 [MEDIUM] GHSA-qq2f-8prw-23j6: Improper input validation in Citrix ADC and Citrix Gateway versions before 11
Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack.
No detection rules found.
No public exploits indexed.
2020-07-10
Published