Improper Access Control Vulnerability in Citrix ADC and Citrix Gateway
CVE-2020-8300

6.5 MEDIUM

Key Information:

Vendor: Citrix
CVE Published: 16 June 2021

Badges

👾 Exploit Exists
🟡 Public PoC

Summary

Citrix ADC and Citrix Gateway are affected by an improper access control vulnerability that can lead to SAML authentication hijacking. An attacker can exploit the flaw through a phishing attack to steal an active user session, gaining unauthorized access to sensitive information. The issue arises when Citrix ADC or Citrix Gateway is configured as either a SAML Service Provider (SP) or a SAML Identity Provider (IdP), so securing these deployments is essential to protecting user credentials and system integrity.

Affected Version(s)

Citrix ADC, Citrix Gateway

Fixed in:

  • Citrix ADC and Citrix Gateway 13.0 before 13.0-82.41
  • Citrix ADC and Citrix Gateway 12.1 before 12.1-62.23
  • Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.20
  • Citrix ADC 12.1-FIPS before 12.1-55.238

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component for weaponization, which could lead to ransomware.

CVSS V3.1

Score: 6.5
Severity: MEDIUM
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • 🟡 Public PoC available

  • 👾 Exploit known to exist

  • Vulnerability Reserved