Korean
<< Back
VID 210208
Severity 30
Port 80, ...
Protocol TCP
Class WWW
Detailed Description Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.

* References:
http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.html
https://support.citrix.com/article/CTX276688

* Platforms Affected:
Citrix ADC and Citrix Gateway versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 before, Citrix SDWAN WAN-OP versions 11.1.1a, 11.0.3d and 10.2.7 before.
Recommendation Upgrade Citrix ADC and Citrix Gateway versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 later, Citrix SDWAN WAN-OP versions 11.1.1a, 11.0.3d and 10.2.7 later.
Related URL CVE-2020-8195 (CVE)
Related URL (SecurityFocus)
Related URL (ISS)