Vulnerability CVE-2020-8193 - Russian Vulnerability Scanner Database

Scores

EPSS

0.943High94.3%

0%20%40%60%80%100%

Percentile: 94.3%

CVSS

6.5Medium3.x

0246810

CVSS Score: 6.5/10

All CVSS Scores

CVSS 3.x

6.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CVSS 2.0

5.0

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Description

Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.

Sources

nvd

CWEs

CWE-287

Related Vulnerabilities

BDU:2023-00728

Exploits

Exploit ID: CVE-2020-8193

Source: github-poc

URL: https://github.com/ctlyz123/CVE-2020-8193

Vulnerable Software (4)

Type: Configuration

Vendor: citrix

Product: application_delivery_controller_firmware

Operating System: * * *

Trait:

{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "10.5-70.18",...

{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "10.5-70.18",
          "versionStartIncluding": "10.5",
          "vulnerable": true
        },
        {
          "cpe23uri": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "11.1-64.14",
          "versionStartIncluding": "11.1",
          "vulnerable": true
        },
        {
          "cpe23uri": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "12.0-63.21",
          "versionStartIncluding": "12.0",
          "vulnerable": true
        },
        {
          "cpe23uri": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "12.1-57.18",
          "versionStartIncluding": "12.1",
          "vulnerable": true
        },
        {
          "cpe23uri": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "13.0-58.30",
          "versionStartIncluding": "13.0",
          "vulnerable": true
        }
      ],
      "operator": "OR"
    },
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:h:citrix:application_delivery_controller:-:*:*:*:*:*:*:*"
        }
      ],
      "operator": "OR"
    }
  ],
  "operator": "AND"
}

Source: nvd

Type: Configuration

Vendor: citrix

Product: gateway_firmware

Operating System: * * *

Trait:

{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:citrix:gateway_firmware:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "13.0-58.30",
          "versionStart...

{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:citrix:gateway_firmware:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "13.0-58.30",
          "versionStartIncluding": "13.0",
          "vulnerable": true
        }
      ],
      "operator": "OR"
    },
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:h:citrix:gateway:-:*:*:*:*:*:*:*"
        }
      ],
      "operator": "OR"
    }
  ],
  "operator": "AND"
}

Source: nvd

Type: Configuration

Vendor: citrix

Product: netscaler_gateway_firmware

Operating System: * * *

Trait:

{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "10.5-70.18",
          "ve...

{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "10.5-70.18",
          "versionStartIncluding": "10.5",
          "vulnerable": true
        },
        {
          "cpe23uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "11.1-64.14",
          "versionStartIncluding": "11.1",
          "vulnerable": true
        },
        {
          "cpe23uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "12.0-63.21",
          "versionStartIncluding": "12.0",
          "vulnerable": true
        },
        {
          "cpe23uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "12.1-57.18",
          "versionStartIncluding": "12.1",
          "vulnerable": true
        }
      ],
      "operator": "OR"
    },
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:h:citrix:netscaler_gateway:-:*:*:*:*:*:*:*"
        }
      ],
      "operator": "OR"
    }
  ],
  "operator": "AND"
}

Source: nvd

Type: Configuration

Vendor: citrix

Product: sd-wan_wanop

Operating System: * * *

Trait:

{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "10.2.7",
          "versionStartIncludin...

{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "10.2.7",
          "versionStartIncluding": "10.2",
          "vulnerable": true
        },
        {
          "cpe23uri": "cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "11.0.3d",
          "versionStartIncluding": "11.0",
          "vulnerable": true
        },
        {
          "cpe23uri": "cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "11.1.1a",
          "versionStartIncluding": "11.1",
          "vulnerable": true
        }
      ],
      "operator": "OR"
    },
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:h:citrix:4000-wo:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:citrix:4100-wo:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:citrix:5000-wo:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:h:citrix:5100-wo:-:*:*:*:*:*:*:*"
        }
      ],
      "operator": "OR"
    }
  ],
  "operator": "AND"
}

Source: nvd

Russian Vulnerability Scanner Database

CVE-2020-8193

Scores

EPSS

CVSS

All CVSS Scores

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact

Description

Scaner-VS 7 — a modern vulnerability management solution

Sources

CWEs

Related Vulnerabilities

Exploits

Vulnerable Software (4)