Denial-of-Service Vulnerability in Citrix ADC and NetScaler Gateway
CVE-2020-8299

6.5MEDIUM

Key Information:

Vendor
Citrix
Status
Citrix Adc, Citrix Gateway, Citrix Sd-wan Wanop Edition
Vendor
CVE Published:
16 June 2021

Summary

Citrix ADC and Citrix/NetScaler Gateway have a vulnerability that allows an attacker, located on the same Layer 2 network segment, to cause a denial-of-service condition through uncontrolled resource consumption. This issue affects multiple versions of the Citrix ADC and SD-WAN products. Organizations using these systems are advised to implement mitigations and upgrade to the fixed versions to enhance their network security.

Affected Version(s)

Citrix ADC, Citrix Gateway, Citrix SD-WAN WANOP Edition Fixed in Citrix ADC and Citrix Gateway 13.0-76.29 and later releases of 13.0, Citrix ADC and Citrix Gateway 12.1-61.18 and later releases of 12.1, Citrix ADC and NetScaler Gateway 11.1-65.20 and later releases of 11.1, Citrix ADC 12.1-FIPS 12.1-55.238 and later releases of 12.1-FIPS, Citrix SD-WAN WANOP 11.4.0 and later releases of 11.4, Citrix SD-WAN WANOP 11.3.2 and later releases of 11.3, Citrix SD-WAN WANOP 11.3.1a and later releases of 11.3, Citrix SD-WAN WANOP 11.2.3a and later releases of 11.2, Citrix SD-WAN WANOP 11.1.2c and later releases of 11.1, Citrix SD-WAN WANOP 10.2.9a and later releases of 10.2

References

https://support.citrix.com/article/CTX297155
x_refsource_MISC

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.