Remote Code Execution Vulnerability in Citrix SD-WAN Center
CVE-2020-8271
9.8CRITICAL
Summary
This vulnerability allows unauthorized users to execute arbitrary code with root privileges on the Citrix SD-WAN Center. Systems running versions earlier than 11.2.2, 11.1.2b, and 10.2.8 are particularly at risk. Attackers can exploit this flaw, leading to potential compromises of system integrity and security, highlighting the need for timely updates and stronger access controls.
Affected Version(s)
Citrix SD-WAN Center Fixed in 11.2.2, 11.1.2b and 10.2.8
References
EPSS Score
39% chance of being exploited in the next 30 days.
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved