CVE-2020-8195

medium

Description

Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 results in limited information disclosure to low-privileged users.

From the Tenable Blog

CVE-2020-8193, CVE-2020-8195, and CVE-2020-8196: Active Exploitation of Citrix Vulnerabilities
Published: 2020-07-15

Following active exploitation against F5 BIG-IP devices, exploit attempts targeting newly disclosed vulnerabilities in Citrix products have begun, which include potential extraction of VPN sessions on vulnerable targets.

Details

Source: Mitre, NVD

Published: 2020-07-10

Updated: 2025-03-14

Known Exploited Vulnerability (KEV)

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.85271