Denial of Service Vulnerability in Citrix ADC and Gateway Products
CVE-2020-8246

7.5HIGH

Key Information:

Vendor
Citrix
Status
Citrix Adc, Citrix Gateway, Citrix Sdwan Wan-op
Vendor
CVE Published:
18 September 2020

Summary

Citrix ADC and Citrix Gateway products have a vulnerability that allows an attacker to execute a denial of service attack originating from the management network. This issue affects multiple versions of Citrix ADC, NetScaler Gateway, and Citrix SD-WAN WANOP, making them susceptible to disruptions that can impact service availability.

Affected Version(s)

Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b

References

https://support.citrix.com/article/CTX281474
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.