CVE-2020-8193

Citrix | Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP ApplianceAdded 2021-11-03Remediation Deadline 2022-05-03

Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability

Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an authorization bypass vulnerability that may allow unauthenticated access to certain URL endpoints. The attacker must have access to the NetScaler IP (NSIP) in order to perform exploitation.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-284

References

https://nvd.nist.gov/vuln/detail/CVE-2020-8193

Cybersecurity Alerts

CVE-2020-8193

Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability

Required Action

Weakness Classification

References