Very High
CVE-2020-8195
CVE-2020-8195
Description
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.
Add Assessment
Technical Analysis
This is an update based on the assessment provided in the more general topic for the Citrix vulns disclosed in https://support.citrix.com/article/CTX276688 which include this CVE. As API queries to this CVE do not contain this data, reflecting it in this topic.
Link to assessment:
https://attackerkb.com/assessments/50e7e3c5-644c-46ae-b650-1ef45cec22ad
Link to relevant url provided in the assessment:
https://research.nccgroup.com/2020/07/10/rift-citrix-adc-vulnerabilities-cve-2020-8193-cve-2020-8195-and-cve-2020-8196-intelligence/
Additional link which provides a PoC:
https://github.com/Zeop-CyberSec/citrix_adc_netscaler_lfi
Also, as mentioned by @gwillcox-r7 already, it is included in the Oct 20 NSA advisory.
Technical Analysis
This is now supposedly being exploited in the wild by Chinese state actors according to this NSA announcement: https://media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF
CVSS V3 Severity and Metrics
General Information
Vendors
- citrix
Products
- application delivery controller firmware,
- gateway firmware,
- gateway plug-in for linux,
- netscaler gateway firmware,
- sd-wan wanop
Exploited in the Wild
References
