VAR-202007-1175
Vulnerability from variot - Updated: 2023-12-18 11:58Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users. are all products of Citrix Systems (Citrix Systems) in the United States. Citrix Application Delivery Controller is an application delivery controller. Citrix Systems Gateway (Citrix Systems NetScaler Gateway) is a secure remote access solution. Citrix System SDWAN WAN-OP is an SD-WAN (Virtual Software Defined Wide Area Network) appliance. The vulnerability stems from the failure of the network system or product to properly validate the input data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202007-1175",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "application delivery controller",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1"
},
{
"model": "sd-wan wanop",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "11.0.3d"
},
{
"model": "netscaler gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1-64.14"
},
{
"model": "application delivery controller",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "13.0-58.30"
},
{
"model": "application delivery controller",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1-64.14"
},
{
"model": "netscaler gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "10.5-70.18"
},
{
"model": "application delivery controller",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "10.5-70.18"
},
{
"model": "sd-wan wanop",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "10.2.7"
},
{
"model": "netscaler gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "10.5"
},
{
"model": "sd-wan wanop",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "11.0"
},
{
"model": "sd-wan wanop",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1"
},
{
"model": "application delivery controller",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "10.5"
},
{
"model": "netscaler gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "12.0"
},
{
"model": "gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "13.0-58.30"
},
{
"model": "netscaler gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "12.1-57.18"
},
{
"model": "gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "13.0"
},
{
"model": "application delivery controller",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "12.0"
},
{
"model": "sd-wan wanop",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1.1a"
},
{
"model": "netscaler gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "12.1"
},
{
"model": "application delivery controller",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "12.1-57.18"
},
{
"model": "netscaler gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "12.0-63.21"
},
{
"model": "application delivery controller",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "12.1"
},
{
"model": "application delivery controller",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "13.0"
},
{
"model": "gateway plug-in for linux",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "1.0.0.137"
},
{
"model": "sd-wan wanop",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "10.2"
},
{
"model": "application delivery controller",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "12.0-63.21"
},
{
"model": "netscaler gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1"
},
{
"model": "application delivery controller",
"scope": null,
"trust": 0.8,
"vendor": "citrix",
"version": null
},
{
"model": "gateway plug-in for linux",
"scope": null,
"trust": 0.8,
"vendor": "citrix",
"version": null
},
{
"model": "gateway",
"scope": null,
"trust": 0.8,
"vendor": "citrix",
"version": null
},
{
"model": "sdwan wan-op",
"scope": null,
"trust": 0.8,
"vendor": "citrix",
"version": null
},
{
"model": "netscaler gateway",
"scope": null,
"trust": 0.8,
"vendor": "citrix",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007580"
},
{
"db": "NVD",
"id": "CVE-2020-8195"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.5-70.18",
"versionStartIncluding": "10.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1-64.14",
"versionStartIncluding": "11.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.0-63.21",
"versionStartIncluding": "12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1-57.18",
"versionStartIncluding": "12.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.0-58.30",
"versionStartIncluding": "13.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:citrix:application_delivery_controller:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.5-70.18",
"versionStartIncluding": "10.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1-64.14",
"versionStartIncluding": "11.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.0-63.21",
"versionStartIncluding": "12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1-57.18",
"versionStartIncluding": "12.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:citrix:netscaler_gateway:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:citrix:gateway_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.0-58.30",
"versionStartIncluding": "13.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:citrix:gateway:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.1a",
"versionStartIncluding": "11.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.0.3d",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.2.7",
"versionStartIncluding": "10.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:citrix:5000-wo:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:citrix:5100-wo:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:citrix:4100-wo:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:citrix:4000-wo:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:citrix:gateway_plug-in_for_linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.0.137",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8195"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Maarten Boone (@staatsgeheim), Donny Maasland (@donnymaasland), Ltd and Viktor Dragomiretskyy, Albert Shi of Univision Network (Shanghai) Co.,Laurent Geyer of Akamai, Muris Kurgas of Digital 14 (Xen1thLabs)",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-365"
}
],
"trust": 0.6
},
"cve": "CVE-2020-8195",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-007580",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-186320",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2020-8195",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-007580",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-8195",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-007580",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202007-365",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-186320",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-8195",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186320"
},
{
"db": "VULMON",
"id": "CVE-2020-8195"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007580"
},
{
"db": "NVD",
"id": "CVE-2020-8195"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-365"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users. are all products of Citrix Systems (Citrix Systems) in the United States. Citrix Application Delivery Controller is an application delivery controller. Citrix Systems Gateway (Citrix Systems NetScaler Gateway) is a secure remote access solution. Citrix System SDWAN WAN-OP is an SD-WAN (Virtual Software Defined Wide Area Network) appliance. The vulnerability stems from the failure of the network system or product to properly validate the input data",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8195"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007580"
},
{
"db": "VULHUB",
"id": "VHN-186320"
},
{
"db": "VULMON",
"id": "CVE-2020-8195"
}
],
"trust": 1.8
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-186320",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186320"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-8195",
"trust": 2.6
},
{
"db": "PACKETSTORM",
"id": "160047",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007580",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2020.2310",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "48223",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202007-365",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-41191",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-186320",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-8195",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186320"
},
{
"db": "VULMON",
"id": "CVE-2020-8195"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007580"
},
{
"db": "NVD",
"id": "CVE-2020-8195"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-365"
}
]
},
"id": "VAR-202007-1175",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-186320"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:58:11.392000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CTX276688",
"trust": 0.8,
"url": "https://support.citrix.com/article/ctx276688"
},
{
"title": "Multiple Citrix Systems Product input verification error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=123536"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2020/07/09/citrix_bugs_proof_of_concept_exploits/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2020/07/08/citrix_eleven_patches/"
},
{
"title": "Citrix Security Bulletins: Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=9d4ed4236f0cd8feb68799f8037f447d"
},
{
"title": "Citrix Security Bulletins: Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=ad9a7bb846592c7191f2b16aa8f47742"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2020-8195 "
},
{
"title": "CVE-2020-8193-Citrix-Scanner",
"trust": 0.1,
"url": "https://github.com/pr3r00t/cve-2020-8193-citrix-scanner "
},
{
"title": "citrix_adc_netscaler_lfi",
"trust": 0.1,
"url": "https://github.com/zeop-cybersec/citrix_adc_netscaler_lfi "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/ipcis/citrix_adc_gateway_check "
},
{
"title": "2020-Read-article",
"trust": 0.1,
"url": "https://github.com/evilanne/2020-read-article "
},
{
"title": "content",
"trust": 0.1,
"url": "https://github.com/dnif/content "
},
{
"title": "nist-cve-search-tool",
"trust": 0.1,
"url": "https://github.com/stratosphereips/nist-cve-search-tool "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/triw0lf/security-matters-22 "
},
{
"title": "supplier",
"trust": 0.1,
"url": "https://github.com/r0exper/supplier "
},
{
"title": "SecBooks",
"trust": 0.1,
"url": "https://github.com/sexybeast233/secbooks "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/bug-nsa-china-backed-cyberattacks/160421/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-8195"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007580"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-365"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.1
},
{
"problemtype": "CWE-20",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186320"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007580"
},
{
"db": "NVD",
"id": "CVE-2020-8195"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://packetstormsecurity.com/files/160047/citrix-adc-netscaler-local-file-inclusion.html"
},
{
"trust": 1.9,
"url": "https://support.citrix.com/article/ctx276688"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8195"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-8195"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/48223"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2310/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2020-8195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/pr3r00t/cve-2020-8193-citrix-scanner"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186320"
},
{
"db": "VULMON",
"id": "CVE-2020-8195"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007580"
},
{
"db": "NVD",
"id": "CVE-2020-8195"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-365"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-186320"
},
{
"db": "VULMON",
"id": "CVE-2020-8195"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007580"
},
{
"db": "NVD",
"id": "CVE-2020-8195"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-365"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-10T00:00:00",
"db": "VULHUB",
"id": "VHN-186320"
},
{
"date": "2020-07-10T00:00:00",
"db": "VULMON",
"id": "CVE-2020-8195"
},
{
"date": "2020-08-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-007580"
},
{
"date": "2020-07-10T16:15:12.327000",
"db": "NVD",
"id": "CVE-2020-8195"
},
{
"date": "2020-07-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202007-365"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-20T00:00:00",
"db": "VULHUB",
"id": "VHN-186320"
},
{
"date": "2022-09-20T00:00:00",
"db": "VULMON",
"id": "CVE-2020-8195"
},
{
"date": "2020-08-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-007580"
},
{
"date": "2022-09-20T17:23:50.827000",
"db": "NVD",
"id": "CVE-2020-8195"
},
{
"date": "2022-09-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202007-365"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-365"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Citrix ADC and Gateway Input verification vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007580"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-365"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…