Sign-up

ID

VAR-202007-1175


CVE

CVE-2020-8195


TITLE

Citrix ADC and Gateway Input verification vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-007580

DESCRIPTION

Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users. are all products of Citrix Systems (Citrix Systems) in the United States. Citrix Application Delivery Controller is an application delivery controller. Citrix Systems Gateway (Citrix Systems NetScaler Gateway) is a secure remote access solution. Citrix System SDWAN WAN-OP is an SD-WAN (Virtual Software Defined Wide Area Network) appliance. The vulnerability stems from the failure of the network system or product to properly validate the input data

Trust: 1.8

sources: NVD: CVE-2020-8195 // JVNDB: JVNDB-2020-007580 // VULHUB: VHN-186320 // VULMON: CVE-2020-8195

AFFECTED PRODUCTS

vendor:citrixmodel:gateway plug-in for linuxscope:ltversion:1.0.0.137

Trust: 1.0

vendor:citrixmodel:netscaler gatewayscope:gteversion:11.1

Trust: 1.0

vendor:citrixmodel:sd-wan wanopscope:gteversion:11.0

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:gteversion:11.1

Trust: 1.0

vendor:citrixmodel:gatewayscope:gteversion:13.0

Trust: 1.0

vendor:citrixmodel:netscaler gatewayscope:gteversion:12.0

Trust: 1.0

vendor:citrixmodel:sd-wan wanopscope:ltversion:10.2.7

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:gteversion:12.0

Trust: 1.0

vendor:citrixmodel:sd-wan wanopscope:ltversion:11.0.3d

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:ltversion:12.0-63.21

Trust: 1.0

vendor:citrixmodel:sd-wan wanopscope:ltversion:11.1.1a

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:ltversion:13.0-58.30

Trust: 1.0

vendor:citrixmodel:netscaler gatewayscope:ltversion:11.1-64.14

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:ltversion:12.1-57.18

Trust: 1.0

vendor:citrixmodel:netscaler gatewayscope:gteversion:10.5

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:ltversion:10.5-70.18

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:gteversion:10.5

Trust: 1.0

vendor:citrixmodel:netscaler gatewayscope:ltversion:12.0-63.21

Trust: 1.0

vendor:citrixmodel:sd-wan wanopscope:gteversion:11.1

Trust: 1.0

vendor:citrixmodel:netscaler gatewayscope:ltversion:12.1-57.18

Trust: 1.0

vendor:citrixmodel:gatewayscope:ltversion:13.0-58.30

Trust: 1.0

vendor:citrixmodel:netscaler gatewayscope:gteversion:12.1

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:gteversion:12.1

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:ltversion:11.1-64.14

Trust: 1.0

vendor:citrixmodel:netscaler gatewayscope:ltversion:10.5-70.18

Trust: 1.0

vendor:citrixmodel:sd-wan wanopscope:gteversion:10.2

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope:gteversion:13.0

Trust: 1.0

vendor:citrixmodel:application delivery controllerscope: - version: -

Trust: 0.8

vendor:citrixmodel:gateway plug-in for linuxscope: - version: -

Trust: 0.8

vendor:citrixmodel:gatewayscope: - version: -

Trust: 0.8

vendor:citrixmodel:sdwan wan-opscope: - version: -

Trust: 0.8

vendor:citrixmodel:netscaler gatewayscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-007580 // NVD: CVE-2020-8195

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-8195
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2020-007580
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202007-365
value: MEDIUM

Trust: 0.6

VULHUB: VHN-186320
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-8195
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-8195
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-007580
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-186320
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-8195
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-007580
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-186320 // VULMON: CVE-2020-8195 // JVNDB: JVNDB-2020-007580 // CNNVD: CNNVD-202007-365 // NVD: CVE-2020-8195

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

problemtype:CWE-22

Trust: 1.1

sources: VULHUB: VHN-186320 // JVNDB: JVNDB-2020-007580 // NVD: CVE-2020-8195

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202007-365

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202007-365

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-007580

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-186320

PATCH
title:CTX276688url:https://support.citrix.com/article/CTX276688
Trust: 0.8
title:Multiple Citrix Systems Product input verification error vulnerability fixesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123536
Trust: 0.6
title:The Registerurl:https://www.theregister.co.uk/2020/07/09/citrix_bugs_proof_of_concept_exploits/
Trust: 0.2
title:The Registerurl:https://www.theregister.co.uk/2020/07/08/citrix_eleven_patches/
Trust: 0.2
title:Citrix Security Bulletins: Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Updateurl:https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=9d4ed4236f0cd8feb68799f8037f447d
Trust: 0.1
title:Citrix Security Bulletins: Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Updateurl:https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=ad9a7bb846592c7191f2b16aa8f47742
Trust: 0.1
title: - url:https://github.com/Live-Hack-CVE/CVE-2020-8195 
Trust: 0.1
title:CVE-2020-8193-Citrix-Scannerurl:https://github.com/PR3R00T/CVE-2020-8193-Citrix-Scanner 
Trust: 0.1
title:citrix_adc_netscaler_lfiurl:https://github.com/Zeop-CyberSec/citrix_adc_netscaler_lfi 
Trust: 0.1
title: - url:https://github.com/ipcis/Citrix_ADC_Gateway_Check 
Trust: 0.1
title:2020-Read-articleurl:https://github.com/EvilAnne/2020-Read-article 
Trust: 0.1
title:contenturl:https://github.com/dnif/content 
Trust: 0.1
title:nist-cve-search-toolurl:https://github.com/stratosphereips/nist-cve-search-tool 
Trust: 0.1
title: - url:https://github.com/triw0lf/Security-Matters-22 
Trust: 0.1
title:supplierurl:https://github.com/r0eXpeR/supplier 
Trust: 0.1
title:SecBooksurl:https://github.com/SexyBeast233/SecBooks 
Trust: 0.1
title:Threatposturl:https://threatpost.com/bug-nsa-china-backed-cyberattacks/160421/
Trust: 0.1
sources:
            
            
            VULMON: CVE-2020-8195 // 
            
            
            
            JVNDB: JVNDB-2020-007580 // 
            
            
            
            CNNVD: CNNVD-202007-365

EXTERNAL IDS
db:NVDid:CVE-2020-8195
Trust: 2.6
db:PACKETSTORMid:160047
Trust: 1.8
db:JVNDBid:JVNDB-2020-007580
Trust: 0.8
db:AUSCERTid:ESB-2020.2310
Trust: 0.6
db:NSFOCUSid:48223
Trust: 0.6
db:CNNVDid:CNNVD-202007-365
Trust: 0.6
db:CNVDid:CNVD-2020-41191
Trust: 0.1
db:VULHUBid:VHN-186320
Trust: 0.1
db:VULMONid:CVE-2020-8195
Trust: 0.1
sources:
            
            
            VULHUB: VHN-186320 // 
            
            
            
            VULMON: CVE-2020-8195 // 
            
            
            
            JVNDB: JVNDB-2020-007580 // 
            
            
            
            CNNVD: CNNVD-202007-365 // 
            
            
            
            NVD: CVE-2020-8195

REFERENCES
url:http://packetstormsecurity.com/files/160047/citrix-adc-netscaler-local-file-inclusion.html
Trust: 2.4
url:https://support.citrix.com/article/ctx276688
Trust: 1.9
url:https://nvd.nist.gov/vuln/detail/cve-2020-8195
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-8195
Trust: 0.8
url:http://www.nsfocus.net/vulndb/48223
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2020.2310/
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/22.html
Trust: 0.1
url:https://github.com/live-hack-cve/cve-2020-8195
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://github.com/pr3r00t/cve-2020-8193-citrix-scanner
Trust: 0.1
sources:
            
            
            VULHUB: VHN-186320 // 
            
            
            
            VULMON: CVE-2020-8195 // 
            
            
            
            JVNDB: JVNDB-2020-007580 // 
            
            
            
            CNNVD: CNNVD-202007-365 // 
            
            
            
            NVD: CVE-2020-8195

CREDITS
Maarten Boone (@staatsgeheim), Donny Maasland (@donnymaasland), Ltd and Viktor Dragomiretskyy, Albert Shi of Univision Network (Shanghai) Co.,Laurent Geyer of Akamai, Muris Kurgas of Digital 14 (Xen1thLabs)
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202007-365

SOURCES
db:VULHUBid:VHN-186320
db:VULMONid:CVE-2020-8195
db:JVNDBid:JVNDB-2020-007580
db:CNNVDid:CNNVD-202007-365
db:NVDid:CVE-2020-8195

LAST UPDATE DATE
2024-08-14T13:44:03.388000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-186320date:2022-09-20T00:00:00
db:VULMONid:CVE-2020-8195date:2022-09-20T00:00:00
db:JVNDBid:JVNDB-2020-007580date:2020-08-18T00:00:00
db:CNNVDid:CNNVD-202007-365date:2022-09-21T00:00:00
db:NVDid:CVE-2020-8195date:2022-09-20T17:23:50.827

SOURCES RELEASE DATE
db:VULHUBid:VHN-186320date:2020-07-10T00:00:00
db:VULMONid:CVE-2020-8195date:2020-07-10T00:00:00
db:JVNDBid:JVNDB-2020-007580date:2020-08-18T00:00:00
db:CNNVDid:CNNVD-202007-365date:2020-07-08T00:00:00
db:NVDid:CVE-2020-8195date:2020-07-10T16:15:12.327