Citrix has announced that multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO.
Please install updates to remediate.
Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could result in the following security issues:
| CVE ID | Description | Vulnerability Type | Affected Products | Pre-conditions |
| --- | --- | --- | --- | --- |
| CVE-2020-8245 | An HTML Injection attack against the SSL VPN web portal | CWE-79: Improper Neutralization of Input During Web Page Generation | Citrix ADC, Citrix Gateway | Requires an authenticated victim on the SSL VPN web portal who must open an attacker-controlled link in the browser |
| CVE-2020-8246 | A denial of service attack originating from the management network | CWE-400: Uncontrolled Resource Consumption | Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP | Unauthenticated attacker with access to the management network |
| CVE-2020-8247 | Escalation of privileges on the management interface | CWE-269: Improper Privilege Management | Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP | An attacker must possess privilege to execute arbitrary commands on the management interface |
Cornerstone.IT