Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.
References
Link | Resource |
---|---|
https://support.citrix.com/article/CTX276688 | Vendor Advisory |
http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.html | Exploit Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
|
Information
Published : 2020-07-10 09:15
Updated : 2022-09-20 10:23
NVD link : CVE-2020-8195
Mitre link : CVE-2020-8195
JSON object : View
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Products Affected
citrix
- netscaler_gateway_firmware
- application_delivery_controller
- 4000-wo
- 5000-wo
- 5100-wo
- application_delivery_controller_firmware
- 4100-wo
- netscaler_gateway
- gateway
- sd-wan_wanop
- gateway_plug-in_for_linux
- gateway_firmware