CVE-2020-8193 Scanner
CVE-2020-8193 scanner - Improper Access Control vulnerability in Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP
Short Info
Level: Medium
Single Scan
Can be used by: Asset Owner
Estimated Time: 30 seconds
Time Interval: 4 weeks
Scan only one: URL
Toolbox: -
Citrix is a widely-used software platform that offers a range of services such as remote application delivery, desktop virtualization, networking, and cloud computing. Amongst the many products offered by Citrix, the Citrix ADC, Citrix Gateway, and Citrix SDWAN WAN-OP are some of the most popular ones. The Citrix ADC (formerly referred to as NetScaler ADC) is an application delivery controller that enables secure and optimized delivery of web and mobile applications. The Citrix Gateway (formerly known as NetScaler Gateway) is a secure remote access solution that offers secure and seamless access to applications and data from anywhere, on any device. The Citrix SDWAN WAN-OP is an SD-WAN solution that automates and dynamically routes WAN traffic to the cloud.
CVE-2020-8193, one of the most severe vulnerabilities, has been detected in Citrix ADC, Citrix Gateway and Citrix SDWAN WAN-OP. It affects Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14, and 10.5-70.18, and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d, and 10.2.7. The vulnerability is an improper access control flaw that allows unauthenticated access to certain URL endpoints. Attackers can use it to steal sensitive information from the network.
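An asset owner can check an inventory of Citrix ADC and Citrix Gateway firmware strings against the fixed builds listed above. The following is an added example, not code from s4e.io or Citrix; it assumes each threshold applies to its own release branch, that version strings look like "13.0-58.30" or "NS13.0: Build 47.24.nc", and it uses a constructed inventory. SD-WAN WAN-OP versions are not covered.

```python
import re

# Fixed builds for Citrix ADC / Citrix Gateway, copied from the paragraph above.
# Assumption: each threshold applies only to its own release branch (major.minor).
FIXED_BUILDS = {
    (13, 0): (58, 30),
    (12, 1): (57, 18),
    (12, 0): (63, 21),
    (11, 1): (64, 14),
    (10, 5): (70, 18),
}

# Accepts "13.0-58.30" as well as a banner such as "NS13.0: Build 47.24.nc"
# (the banner layout is an assumption about what the inventory contains).
_VERSION_RE = re.compile(r"(\d+)\.(\d+)[-:\s]+(?:Build\s+)?(\d+)\.(\d+)", re.I)


def parse_build(text):
    """Return ((major, minor), (build, patch)), or None if nothing parses."""
    match = _VERSION_RE.search(text)
    if match is None:
        return None
    major, minor, build, patch = (int(g) for g in match.groups())
    return (major, minor), (build, patch)


def assess(text):
    """Classify a version string as 'vulnerable', 'fixed' or 'unknown'."""
    parsed = parse_build(text)
    if parsed is None:
        return "unknown"
    branch, build = parsed
    fixed = FIXED_BUILDS.get(branch)
    if fixed is None:
        return "unknown"  # branch not listed on this page; consult the vendor advisory
    return "vulnerable" if build < fixed else "fixed"


# Constructed inventory for illustration; hostnames and versions are made up.
SAMPLE_INVENTORY = {
    "adc-a": "NS13.0: Build 47.24.nc",
    "adc-b": "12.1-57.18",
    "gw-c": "11.1-63.15",
    "adc-d": "13.1-4.43",
    "gw-e": "version string missing",
}

if __name__ == "__main__":
    for host, version in SAMPLE_INVENTORY.items():
        print(f"{host:6} {version:24} {assess(version)}")
```

Anything reported as "unknown" needs a manual check rather than being treated as safe.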
When exploited, this vulnerability can cause significant harm, including data theft, network surveillance, supply chain disruption, and more. Attackers can exploit this vulnerability to gain unauthorized access to the network, launch denial-of-service attacks, disrupt business operations, and steal critical data. The vulnerability can allow attackers to bypass security controls, including firewalls, intrusion prevention systems, and content filters. This can lead to theft of confidential data, loss of data, damage to reputation, and financial losses.
Thanks to the pro features of the s4e.io platform, those who read this article can easily and quickly learn about vulnerabilities in their digital assets. The platform offers comprehensive vulnerability scanning services and detailed reports on the vulnerabilities found. By leveraging the platform’s powerful APIs, users can also automate the remediation process and ensure that their digital assets are secure at all times. With s4e.io, users can rest assured that their systems and networks are safe from potential threats and can continue to focus on their core business operations without any interruptions.