CVE-2020-8300Improper Access Control in Citrix Application Delivery Controller Firmware

CWE-284Improper Access ControlCWE-269Improper Privilege ManagementCWE-400Uncontrolled Resource Consumption8 documents6 sources
Severity
6.5MEDIUMNVD
EPSS
13.9%
top 5.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
Citrix Application Delivery Controller FirmwareCitrix GatewayCitrix Netscaler Gateway+9 more
Timeline
PublishedJun 16
Latest updateMay 24

Description

Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS before 12.1-55.238 suffer from improper access control allowing SAML authentication hijack through a phishing attack to steal a valid user session. Note that Citrix ADC or Citrix Gateway must be configured as a SAML SP or a SAML IdP for this to be possible.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages13 packages

NVDcitrix/netscaler_gateway11.111.1-65.20
NVDcitrix/gateway12.112.1-62.23+1

🔴Vulnerability Details

1
GHSA
GHSA-pq9q-4fcv-7rvj: Citrix ADC and Citrix/NetScaler Gateway before 132022-05-24

📋Vendor Advisories

3
Citrix
CVE-2020-8300: Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS before 12.1-55.238 suffer from improper acc2021-06-16
Citrix
Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP Edition appliance Security Update2021-06-08
Red Hat
consul: HTTP/RPC Services Allow Unbounded Resource Usage2020-01-28

🕵️Threat Intelligence

2
Recorded Future
Additional Entities Targeted by DarkSide Affiliate, TAG-21; Links to WellMess and Sliver Infrastructure
Recorded Future
Additional Entities Targeted by DarkSide Affiliate, TAG-21; Links to WellMess and Sliver Infrastructure

💬Community

1
Bugzilla
CVE-2020-7219 consul: HTTP/RPC Services Allow Unbounded Resource Usage2020-02-21