CVE-2020-8195
published 2020-07-10CVE-2020-8195: Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN…
PriorityP182medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
KEVITWEXPLOITRansomware
CISA Known Exploited Vulnerabilitydue 2022-05-03
Exploited in the wild
EPSS
33.26%
98.2th percentile
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | application_delivery_controller_firmware | >= 10.5 < 10.5-70.18 | 10.5-70.18 |
| citrix | application_delivery_controller_firmware | >= 11.1 < 11.1-64.14 | 11.1-64.14 |
| citrix | application_delivery_controller_firmware | >= 12.0 < 12.0-63.21 | 12.0-63.21 |
| citrix | application_delivery_controller_firmware | >= 12.1 < 12.1-57.18 | 12.1-57.18 |
| citrix | application_delivery_controller_firmware | >= 13.0 < 13.0-58.30 | 13.0-58.30 |
| citrix | citrix_adc | — | — |
| citrix | citrix_application_delivery_controller | — | — |
| citrix | citrix_gateway | — | — |
| citrix | citrix_sd-wan_wanop | — | — |
| citrix | gateway_firmware | >= 13.0 < 13.0-58.30 | 13.0-58.30 |
| citrix | gateway_plug-in_for_linux | < 1.0.0.137 | 1.0.0.137 |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | netscaler_gateway_firmware | >= 10.5 < 10.5-70.18 | 10.5-70.18 |
| citrix | netscaler_gateway_firmware | >= 11.1 < 11.1-64.14 | 11.1-64.14 |
| citrix | netscaler_gateway_firmware | >= 12.0 < 12.0-63.21 | 12.0-63.21 |
| citrix | netscaler_gateway_firmware | >= 12.1 < 12.1-57.18 | 12.1-57.18 |
| citrix | sd-wan | — | — |
| citrix | sd-wan_wanop | >= 10.2 < 10.2.7 | 10.2.7 |
| citrix | sd-wan_wanop | >= 11.0 < 11.0.3d | 11.0.3d |
| citrix | sd-wan_wanop | >= 11.1 < 11.1.1a | 11.1.1a |
| citrix | xenserver | — | — |
Detection & IOCsextracted from sources · hover to see the quote
snort
alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET EXPLOIT Possible Citrix Information Disclosure Attempt Inbound (CVE-2020-8195)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"?filter=path|3a 25|2F"; fast_pattern; http.request_body; content:"<clipermission"; startswith; reference:url,research.nccgroup.com/2020/07/10/rift-citrix-adc-vulnerabilities-cve-2020-8193-cve-2020-8195-and-cve-2020-8196-intelligence/; reference:cve,2020-8195; classtype:attempted-admin; sid:2031068; rev:1; metadata:created_at 2020_10_21, cve CVE_2020_8195, deployment Perimeter, deployment Internal, performance_impact Low, confidence Medium, signature_severity Major, tag CISA_KEV, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_10_21, mitre_tactic_id TA0007, mitre_tactic_name Discovery, mitre_technique_id T1082, mitre_technique_name System_Information_Discovery;)
- →Exploit chain begins with an auth-bypass POST to /pcidss/report with URL params type=allprofiles, sid=loginchallengeresponse1requestbody, username=nsroot, set=1 and Content-Type application/xml; look for HTTP 406 response as a positive indicator of vulnerability. ↗
- →LFI read is performed via POST to /rapi/filedownload with query parameter filter=path:<URL-encoded path>; the request body contains XML starting with <clipermission and includes custom headers X-NITRO-USER and X-NITRO-PASS. ↗
- →The exploit URL-encodes forward slashes as %2F in the path parameter (e.g., filter=path:%2Fetc%2Fpasswd); detect the pattern ?filter=path|3a 25|2F in HTTP URI.
- →Successful session establishment is confirmed by a SESSID cookie in the response; subsequent requests reuse this cookie for the LFI stage. ↗
- →Exploit targets /nsconfig/ns.conf by default, which contains device configuration including credentials; alert on POST requests to /rapi/filedownload referencing this path. ↗
- →Exploit also enumerates /var/nstmp for session files; monitor POST requests to /rapi/filedownload with this path. ↗
- →Presence of root:*:0:0: in the HTTP 406 response body to the /rapi/filedownload request confirms successful LFI exploitation. ↗
- →The exploit uses a rand_key header value extracted from /menu/ss endpoint; monitor GET requests to /menu/ss?sid=nsroot&username=nsroot&force_setup=1 as a precursor step. ↗
- ·CVE-2020-8195 is chained with CVE-2020-8193 (auth bypass) in the wild; the Snort rule for CVE-2020-8195 (sid:2031068) carries only Medium confidence, while the auth-bypass rule (sid:2031067) carries High confidence — both should be deployed together for full coverage. ↗
- ·The exploit module notes it is unclear at runtime whether the information disclosure is CVE-2020-8195 or CVE-2020-8196; detections targeting the LFI path may fire for either CVE. ↗
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
vulncheck6.5MEDIUM
cisa6.5MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jwjc-9cxc-87j8: Improper input validation in Citrix ADC and Citrix Gateway versions before 13
ghsa_unreviewed·2022-05-24
CVE-2020-8195 [MEDIUM] CWE-20 GHSA-jwjc-9cxc-87j8: Improper input validation in Citrix ADC and Citrix Gateway versions before 13
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.
VulnCheck
Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability
vulncheck·2020·CVSS 6.5
CVE-2020-8195 [MEDIUM] CWE-20 Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability
Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability
Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability.
Affected: Citrix Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance
Required Action: Apply updates per vendor instructions.
Known Ransomware Campaign Use: Known
Exploitation References: https://us-cert.cisa.gov/ncas/analysis-reports/ar20-259a; https://cisa.gov/news-events/cybersecurity-advisories/aa20-275a; https://media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF; https://us-cert.cisa.gov/ncas/alerts/aa20-275a; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json; https://w
CISA
Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability
cisa·2021-11-03·CVSS 6.5
CVE-2020-8195 [MEDIUM] CWE-20 Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability
Vulnerability: Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability
Affected: Citrix Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance
Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2020-8195
Remediation Due Date: 2022-05-03
Citrix
Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Update
vendor_citrix·2020-08-17·CVSS 6.5
CVE-2019-18177 [MEDIUM] Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Update
Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Update
of Problem Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could result in a number of security issues including: Attacks that are limited to the management interface System compromise by an unauthenticated user on the management network. System compromise through Cross Site Scripting (XSS) on the management interface Creation of a download link for the device which, if downloaded and then executed by an unauthenticated user on the management network, may result in the c
Citrix
CVE-2020-8195: Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SD
vendor_citrix·2020-07-10·CVSS 6.5
CVE-2020-8195 [MEDIUM] CWE-20 CVE-2020-8195: Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SD
CVE-2020-8195: Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.
CISA KEV: Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability.
Required Action: Apply updates per vendor instructions.
Suricata
ET EXPLOIT Possible Citrix Authentication Bypass Attempt Inbound (CVE-2020-8193)
suricata·2020-10-21·CVSS 6.5
CVE-2020-8193 [MEDIUM] ET EXPLOIT Possible Citrix Authentication Bypass Attempt Inbound (CVE-2020-8193)
ET EXPLOIT Possible Citrix Authentication Bypass Attempt Inbound (CVE-2020-8193)
Rule: alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET EXPLOIT Possible Citrix Authentication Bypass Attempt Inbound (CVE-2020-8193)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"&sid=loginchallenge"; content:"&username=nsroot"; distance:0; fast_pattern; http.request_body; content:"<appfwprofile"; startswith; reference:url,research.nccgroup.com/2020/07/10/rift-citrix-adc-vulnerabilities-cve-2020-8193-cve-2020-8195-and-cve-2020-8196-intelligence/; reference:cve,2020-8193; classtype:attempted-admin; sid:2031067; rev:2; metadata:created_at 2020_10_21, cve CVE_2020_8193, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, tag CISA_KEV,
Suricata
ET EXPLOIT Possible Citrix Information Disclosure Attempt Inbound (CVE-2020-8195)
suricata·2020-10-21·CVSS 6.5
CVE-2020-8195 [MEDIUM] ET EXPLOIT Possible Citrix Information Disclosure Attempt Inbound (CVE-2020-8195)
ET EXPLOIT Possible Citrix Information Disclosure Attempt Inbound (CVE-2020-8195)
Rule: alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET EXPLOIT Possible Citrix Information Disclosure Attempt Inbound (CVE-2020-8195)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"?filter=path|3a 25|2F"; fast_pattern; http.request_body; content:"<clipermission"; startswith; reference:url,research.nccgroup.com/2020/07/10/rift-citrix-adc-vulnerabilities-cve-2020-8193-cve-2020-8195-and-cve-2020-8196-intelligence/; reference:cve,2020-8195; classtype:attempted-admin; sid:2031068; rev:1; metadata:created_at 2020_10_21, cve CVE_2020_8195, deployment Perimeter, deployment Internal, performance_impact Low, confidence Medium, signature_severity Major, tag CISA_KEV, tag Descr
Tenable
Hold the Door: Why Organizations Need to Prioritize Patching SSL VPNs
blogs_tenable·2021-08-25
Hold the Door: Why Organizations Need to Prioritize Patching SSL VPNs
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Tenable
One Year Later: What Can We Learn from Zerologon?
blogs_tenable·2021-08-11
One Year Later: What Can We Learn from Zerologon?
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Trendmicro
Manage Zero Day Exploits (ZDI) with Trend Micro Solutions
blogs_trendmicro·2021-04-28
Manage Zero Day Exploits (ZDI) with Trend Micro Solutions
Cyberbedrohungen
## How Trend Micro Helps Manage Exploited Vulnerabilities
As technological innovations evolve, protecting companies from cyber threats tomorrow secures their businesses today. Read how Trend Micro protects customers from vulnerability exploits by blocking them as early as possible.
By: Jon Clay Apr 28, 2021 Read time: ( words)
Save to Folio
As technological innovations evolve, protecting companies from cyber threats tomorrow secures their businesses today. Exploiting known vulnerabilities to successfully compromise an organization has long been a common tactic used by malicious actors. Whether Heartbleed, EternalBlue, or most recently Zerologon, threat actors take advantage of newly disclosed vulnerabilities in their attacks. But even with thousands of new vulnerabili
Trendmicro
Manage Zero Day Exploits (ZDI) with Trend Micro Solutions
blogs_trendmicro·2021-04-28
Manage Zero Day Exploits (ZDI) with Trend Micro Solutions
Cyber Threats
## How Trend Micro Helps Manage Exploited Vulnerabilities
As technological innovations evolve, protecting companies from cyber threats tomorrow secures their businesses today. Read how Trend Micro protects customers from vulnerability exploits by blocking them as early as possible.
By: Jon Clay 2021/04/28 Read time: ( words)
Save to Folio
As technological innovations evolve, protecting companies from cyber threats tomorrow secures their businesses today. Exploiting known vulnerabilities to successfully compromise an organization has long been a common tactic used by malicious actors. Whether Heartbleed, EternalBlue, or most recently Zerologon, threat actors take advantage of newly disclosed vulnerabilities in their attacks. But even with thousands of new vulnerabilities
Trendmicro
Manage Zero Day Exploits (ZDI) with Trend Micro Solutions
blogs_trendmicro·2021-04-28
Manage Zero Day Exploits (ZDI) with Trend Micro Solutions
Minacce cyber
## How Trend Micro Helps Manage Exploited Vulnerabilities
As technological innovations evolve, protecting companies from cyber threats tomorrow secures their businesses today. Read how Trend Micro protects customers from vulnerability exploits by blocking them as early as possible.
By: Jon Clay Apr 28, 2021 Read time: ( words)
Save to Folio
As technological innovations evolve, protecting companies from cyber threats tomorrow secures their businesses today. Exploiting known vulnerabilities to successfully compromise an organization has long been a common tactic used by malicious actors. Whether Heartbleed, EternalBlue, or most recently Zerologon, threat actors take advantage of newly disclosed vulnerabilities in their attacks. But even with thousands of new vulnerabilitie
Trendmicro
Manage Zero Day Exploits (ZDI) with Trend Micro Solutions
blogs_trendmicro·2021-04-28
Manage Zero Day Exploits (ZDI) with Trend Micro Solutions
Ciberamenazas
## How Trend Micro Helps Manage Exploited Vulnerabilities
As technological innovations evolve, protecting companies from cyber threats tomorrow secures their businesses today. Read how Trend Micro protects customers from vulnerability exploits by blocking them as early as possible.
By: Jon Clay Apr 28, 2021 Read time: ( words)
Save to Folio
As technological innovations evolve, protecting companies from cyber threats tomorrow secures their businesses today. Exploiting known vulnerabilities to successfully compromise an organization has long been a common tactic used by malicious actors. Whether Heartbleed, EternalBlue, or most recently Zerologon, threat actors take advantage of newly disclosed vulnerabilities in their attacks. But even with thousands of new vulnerabilitie
Trendmicro
Manage Zero Day Exploits (ZDI) with Trend Micro Solutions
blogs_trendmicro·2021-04-28
Manage Zero Day Exploits (ZDI) with Trend Micro Solutions
Cyber Threats
## How Trend Micro Helps Manage Exploited Vulnerabilities
As technological innovations evolve, protecting companies from cyber threats tomorrow secures their businesses today. Read how Trend Micro protects customers from vulnerability exploits by blocking them as early as possible.
By: Jon Clay Apr 28, 2021 Read time: ( words)
Save to Folio
As technological innovations evolve, protecting companies from cyber threats tomorrow secures their businesses today. Exploiting known vulnerabilities to successfully compromise an organization has long been a common tactic used by malicious actors. Whether Heartbleed, EternalBlue, or most recently Zerologon, threat actors take advantage of newly disclosed vulnerabilities in their attacks. But even with thousands of new vulnerabilitie
Trendmicro
Manage Zero Day Exploits (ZDI) with Trend Micro Solutions
blogs_trendmicro·2021-04-28
Manage Zero Day Exploits (ZDI) with Trend Micro Solutions
Cyber Threats
# How Trend Micro Helps Manage Exploited Vulnerabilities
As technological innovations evolve, protecting companies from cyber threats tomorrow secures their businesses today. Read how Trend Micro protects customers from vulnerability exploits by blocking them as early as possible.
By: Jon Clay
2021/04/28
Read time: ( words)
Save to Folio
Photo credit: pxhere
As technological innovations evolve, protecting companies from cyber threats tomorrow secures their businesses today. Exploiting known vulnerabilities to successfully compromise an organization has long been a common tactic used by malicious actors. Whether Heartbleed, EternalBlue, or most recently Zerologon, threat actors take advantage of newly disclosed vulnerabilities in their attacks. But even with thousands o
Tenable
Government Agencies Warn of State-Sponsored Actors Exploiting Publicly Known Vulnerabilities
blogs_tenable·2020-10-23
Government Agencies Warn of State-Sponsored Actors Exploiting Publicly Known Vulnerabilities
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Qualys
NSA Alert: Chinese State-Sponsored Actors Exploit Known Vulnerabilities | Qualys
blogs_qualys·2020-10-22·CVSS 9.8
CVE-2020-15505 [CRITICAL] NSA Alert: Chinese State-Sponsored Actors Exploit Known Vulnerabilities | Qualys
#### Table of Contents
- Detect 25 Publicly Known Vulnerabilities using VMDR
Update November 25, 2020: The UK National Cyber Security Centre alerts that APT nation-state groups and cybercriminals are exploiting MobileIron RCE vulnerability (CVE-2020-15505).
Original post: On October 20, 2020, the United States National Security Agency (NSA) released a cybersecurity advisory on Chinese state-sponsored malicious cyber activity. The NSA alert provided a list of 25 publicly known vulnerabilities that are known to be recently leveraged by cyber actors for various hacking operations.
“Since these techniques include exploitation of publicly known vulnerabilities, it is critical that network defenders prioritize patching and
mitigation efforts,” said the NSA advisory. It also recommended “crit
Qualys
NSA Alert: Chinese State-Sponsored Actors Exploit Known Vulnerabilities
blogs_qualys·2020-10-22·CVSS 10.0
CVE-2020-15505 [CRITICAL] NSA Alert: Chinese State-Sponsored Actors Exploit Known Vulnerabilities
## Table of Contents
Detect 25 Publicly Known Vulnerabilities using VMDR
Update November 25, 2020 : The UK National Cyber Security Centre alerts that APT nation-state groups and cybercriminals are exploiting MobileIron RCE vulnerability (CVE-2020-15505).
Original post : On October 20, 2020, the United States National Security Agency (NSA) released a cybersecurity advisory on Chinese state-sponsored malicious cyber activity. The NSA alert provided a list of 25 publicly known vulnerabilities that are known to be recently leveraged by cyber actors for various hacking operations.
“Since these techniques include exploitation of publicly known vulnerabilities, it is critical that network defenders prioritize patching and mitigation efforts,” said the NSA advisory. It also recommended “critic
Tenable
CVE-2020-8193, CVE-2020-8195, and CVE-2020-8196: Active Exploitation of Citrix Vulnerabilities
blogs_tenable·2020-07-15·CVSS 6.5
[MEDIUM] CVE-2020-8193, CVE-2020-8195, and CVE-2020-8196: Active Exploitation of Citrix Vulnerabilities
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.htmlhttps://support.citrix.com/article/CTX276688http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.htmlhttps://support.citrix.com/article/CTX276688https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-8195
2020-07-10
Published
2021-11-03
Added to CISA KEV
Exploited in the wild