| VID |
210207 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.
* References:
http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.html
https://support.citrix.com/article/CTX276688
* Platforms Affected:
Upgrade Citrix ADC and Citrix Gateway versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 before, Citrix SDWAN WAN-OP versions 11.1.1a, 11.0.3d and 10.2.7 before. |
| Recommendation |
Upgrade Citrix ADC and Citrix Gateway versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 later, Citrix SDWAN WAN-OP versions 11.1.1a, 11.0.3d and 10.2.7 later. |
| Related URL |
CVE-2020-8193 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
