Attacker Value
Very High
(2 users assessed)
Exploitability
Unknown
(2 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
2

CTX276688: Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Update

Last updated July 09, 2020
Exploited in the Wild
Reported by ccondon-r7
Add any MITRE ATT&CK Tactics to the list below that apply to this CVE.

Description

Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could result in a number of security issues .

Add Assessment

2
Ratings
  • Attacker Value
    Very High
Technical Analysis

Taking a quick look at [NCC group research](https://research.nccgroup.com/2020/07/10/rift-citrix-adc-vulnerabilities-cve-2020-8193-cve-2020-8195-and-cve-2020-8196-intelligence/] on this, it looks like combining the CVE-2020-8193 authentication bypass with one of the other vulnerabilities allows one to steal VPN session data from a device.

General Information

Technical Analysis