ID

VAR-202007-1175


CVE

CVE-2020-8195


TITLE

Citrix ADC and Gateway Input verification vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-007580

DESCRIPTION

Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users. are all products of Citrix Systems (Citrix Systems) in the United States. Citrix Application Delivery Controller is an application delivery controller. Citrix Systems Gateway (Citrix Systems NetScaler Gateway) is a secure remote access solution. Citrix System SDWAN WAN-OP is an SD-WAN (Virtual Software Defined Wide Area Network) appliance. The vulnerability stems from the failure of the network system or product to properly validate the input data

Trust: 1.8

sources: NVD: CVE-2020-8195 // JVNDB: JVNDB-2020-007580 // VULHUB: VHN-186320 // VULMON: CVE-2020-8195

AFFECTED PRODUCTS

vendor:citrixmodel:gateway plug-in for linuxscope:ltversion:1.0.0.137

Trust: 1.0

vendor:citrixmodel:netscaler gatewayscope:gteversion:11.1

Trust: 1.0

vendor:citrixmodel:sd-wan wanopscope:gteversion:11.0

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:gteversion:11.1

Trust: 1.0

vendor:citrixmodel:gatewayscope:gteversion:13.0

Trust: 1.0

vendor:citrixmodel:netscaler gatewayscope:gteversion:12.0

Trust: 1.0

vendor:citrixmodel:sd-wan wanopscope:ltversion:10.2.7

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:gteversion:12.0

Trust: 1.0

vendor:citrixmodel:sd-wan wanopscope:ltversion:11.0.3d

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:ltversion:12.0-63.21

Trust: 1.0

vendor:citrixmodel:sd-wan wanopscope:ltversion:11.1.1a

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:ltversion:13.0-58.30

Trust: 1.0

vendor:citrixmodel:netscaler gatewayscope:ltversion:11.1-64.14

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:ltversion:12.1-57.18

Trust: 1.0

vendor:citrixmodel:netscaler gatewayscope:gteversion:10.5

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:ltversion:10.5-70.18

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:gteversion:10.5

Trust: 1.0

vendor:citrixmodel:netscaler gatewayscope:ltversion:12.0-63.21

Trust: 1.0

vendor:citrixmodel:sd-wan wanopscope:gteversion:11.1

Trust: 1.0

vendor:citrixmodel:netscaler gatewayscope:ltversion:12.1-57.18

Trust: 1.0

vendor:citrixmodel:gatewayscope:ltversion:13.0-58.30

Trust: 1.0

vendor:citrixmodel:netscaler gatewayscope:gteversion:12.1

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:gteversion:12.1

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:ltversion:11.1-64.14

Trust: 1.0

vendor:citrixmodel:netscaler gatewayscope:ltversion:10.5-70.18

Trust: 1.0

vendor:citrixmodel:sd-wan wanopscope:gteversion:10.2

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:gteversion:13.0

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope: - version: -

Trust: 0.8

vendor:citrixmodel:gateway plug-in for linuxscope: - version: -

Trust: 0.8

vendor:citrixmodel:gatewayscope: - version: -

Trust: 0.8

vendor:citrixmodel:sdwan wan-opscope: - version: -

Trust: 0.8

vendor:citrixmodel:netscaler gatewayscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-007580 // NVD: CVE-2020-8195

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-8195
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2020-007580
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202007-365
value: MEDIUM

Trust: 0.6

VULHUB: VHN-186320
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-8195
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-8195
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-007580
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-186320
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-8195
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-007580
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-186320 // VULMON: CVE-2020-8195 // JVNDB: JVNDB-2020-007580 // CNNVD: CNNVD-202007-365 // NVD: CVE-2020-8195

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

problemtype:CWE-22

Trust: 1.1

sources: VULHUB: VHN-186320 // JVNDB: JVNDB-2020-007580 // NVD: CVE-2020-8195

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202007-365

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202007-365

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-007580

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-186320

PATCH

title:CTX276688url:https://support.citrix.com/article/CTX276688

Trust: 0.8

title:Multiple Citrix Systems Product input verification error vulnerability fixesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123536

Trust: 0.6

title:The Registerurl:https://www.theregister.co.uk/2020/07/09/citrix_bugs_proof_of_concept_exploits/

Trust: 0.2

title:The Registerurl:https://www.theregister.co.uk/2020/07/08/citrix_eleven_patches/

Trust: 0.2

title:Citrix Security Bulletins: Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Updateurl:https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=9d4ed4236f0cd8feb68799f8037f447d

Trust: 0.1

title:Citrix Security Bulletins: Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Updateurl:https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=ad9a7bb846592c7191f2b16aa8f47742

Trust: 0.1

title: - url:https://github.com/Live-Hack-CVE/CVE-2020-8195

Trust: 0.1

title:CVE-2020-8193-Citrix-Scannerurl:https://github.com/PR3R00T/CVE-2020-8193-Citrix-Scanner

Trust: 0.1

title:citrix_adc_netscaler_lfiurl:https://github.com/Zeop-CyberSec/citrix_adc_netscaler_lfi

Trust: 0.1

title: - url:https://github.com/ipcis/Citrix_ADC_Gateway_Check

Trust: 0.1

title:2020-Read-articleurl:https://github.com/EvilAnne/2020-Read-article

Trust: 0.1

title:contenturl:https://github.com/dnif/content

Trust: 0.1

title:nist-cve-search-toolurl:https://github.com/stratosphereips/nist-cve-search-tool

Trust: 0.1

title: - url:https://github.com/triw0lf/Security-Matters-22

Trust: 0.1

title:supplierurl:https://github.com/r0eXpeR/supplier

Trust: 0.1

title:SecBooksurl:https://github.com/SexyBeast233/SecBooks

Trust: 0.1

title:Threatposturl:https://threatpost.com/bug-nsa-china-backed-cyberattacks/160421/

Trust: 0.1

sources: VULMON: CVE-2020-8195 // JVNDB: JVNDB-2020-007580 // CNNVD: CNNVD-202007-365

EXTERNAL IDS

db:NVDid:CVE-2020-8195

Trust: 2.6

db:PACKETSTORMid:160047

Trust: 1.8

db:JVNDBid:JVNDB-2020-007580

Trust: 0.8

db:AUSCERTid:ESB-2020.2310

Trust: 0.6

db:NSFOCUSid:48223

Trust: 0.6

db:CNNVDid:CNNVD-202007-365

Trust: 0.6

db:CNVDid:CNVD-2020-41191

Trust: 0.1

db:VULHUBid:VHN-186320

Trust: 0.1

db:VULMONid:CVE-2020-8195

Trust: 0.1

sources: VULHUB: VHN-186320 // VULMON: CVE-2020-8195 // JVNDB: JVNDB-2020-007580 // CNNVD: CNNVD-202007-365 // NVD: CVE-2020-8195

REFERENCES

url:http://packetstormsecurity.com/files/160047/citrix-adc-netscaler-local-file-inclusion.html

Trust: 2.4

url:https://support.citrix.com/article/ctx276688

Trust: 1.9

url:https://nvd.nist.gov/vuln/detail/cve-2020-8195

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-8195

Trust: 0.8

url:http://www.nsfocus.net/vulndb/48223

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.2310/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/22.html

Trust: 0.1

url:https://github.com/live-hack-cve/cve-2020-8195

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/pr3r00t/cve-2020-8193-citrix-scanner

Trust: 0.1

sources: VULHUB: VHN-186320 // VULMON: CVE-2020-8195 // JVNDB: JVNDB-2020-007580 // CNNVD: CNNVD-202007-365 // NVD: CVE-2020-8195

CREDITS

Maarten Boone (@staatsgeheim), Donny Maasland (@donnymaasland), Ltd and Viktor Dragomiretskyy, Albert Shi of Univision Network (Shanghai) Co.,Laurent Geyer of Akamai, Muris Kurgas of Digital 14 (Xen1thLabs)

Trust: 0.6

sources: CNNVD: CNNVD-202007-365

SOURCES

db:VULHUBid:VHN-186320
db:VULMONid:CVE-2020-8195
db:JVNDBid:JVNDB-2020-007580
db:CNNVDid:CNNVD-202007-365
db:NVDid:CVE-2020-8195

LAST UPDATE DATE

2024-08-14T13:44:03.388000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-186320date:2022-09-20T00:00:00
db:VULMONid:CVE-2020-8195date:2022-09-20T00:00:00
db:JVNDBid:JVNDB-2020-007580date:2020-08-18T00:00:00
db:CNNVDid:CNNVD-202007-365date:2022-09-21T00:00:00
db:NVDid:CVE-2020-8195date:2022-09-20T17:23:50.827

SOURCES RELEASE DATE

db:VULHUBid:VHN-186320date:2020-07-10T00:00:00
db:VULMONid:CVE-2020-8195date:2020-07-10T00:00:00
db:JVNDBid:JVNDB-2020-007580date:2020-08-18T00:00:00
db:CNNVDid:CNNVD-202007-365date:2020-07-08T00:00:00
db:NVDid:CVE-2020-8195date:2020-07-10T16:15:12.327