Severity Rating: High
Software Affected
· Citrix ADC and Citrix Gateway prior to version13.0-58.30
· Citrix ADC and NetScaler Gateway prior to version 12.1-57.18
· Citrix ADC and NetScaler Gateway prior to version 12.0-63.21
· Citrix ADC and NetScaler Gateway prior to version 11.1-64.14
· NetScaler ADC and NetScaler Gateway prior to version 10.5-70.18
· Citrix SD-WAN WANOP 11.1.1a prior to version
· Citrix SD-WAN WANOP 11.0.3d prior to version
· Citrix SD-WAN WANOP 10.2.7 prior to version
· Citrix Gateway Plug-in for Linux prior to version 1.0.0.137.
Overview
Multiple vulnerabilities have been reported in Citrix ADC (Application
Delivery Controller), Citrix Gateway and Citrix SD-WAN WANOP appliance
models 4000-WO, 4100-WO, 5000-WO, and 5100-WO which could allow an attacker
to gain elevated privileges or cause denial of services (DoS),information
disclosure, authorization bypass ,code injection and Cross Site Scripting
on the targeted system.
Description
1.Information disclosure Vulnerability
(CVE-2019-18177)(CVE-2020-8196)(CVE-2020-8195)
A Vulnerability exists in Citrix ADC, Citrix Gateway and Citrix SD-WAN
WANOP that could allow a remote authenticated user to obtain sensitive
information. An attacker could exploit this vulnerability by sending a
crafted request to the targeted device.
Successful exploitation of this vulnerability could allow the attacker to
obtain sensitive information and use this information to launch further
attacks against the affected system.
2. Privilege elevation vulnerability (CVE-2020-8190) (CVE-2020-8197)
(CVE-2020-8199)
A Vulnerability exists in Citrix ADC, Citrix Gateway and Citrix Gateway
Plug-in for Linux that could allow a local authenticated malicious user to
gain elevated privileges on the system. An attacker could exploit this
vulnerability by executing a specially-crafted program to the targeted
device.
Successful exploitation of this vulnerability could allow the attacker to
gain elevated privileges.
3. Cross Site Scripting vulnerability (CVE-2020-8191 (CVE-2020-8198)
A Vulnerability exists in Citrix ADC, Citrix Gateway and Citrix SD-WAN
WANOP due to improper validation of user-supplied input. This vulnerability
could allow a remote attacker to gain user credentials. An attacker could
exploit this vulnerability by executing a specially-crafted URL to execute
script in a victim's Web browser.
Successful exploitation of this vulnerability could allow the attacker to
steal the victim's cookie-based authentication credentials.
4. Authorization bypass vulnerability (CVE-2020-8193)
A Vulnerability exists in Citrix ADC, Citrix Gateway and Citrix SD-WAN
WANOP due to improper authentication validation. This vulnerability could
allow a remote attacker to bypass security restrictions. An attacker could
exploit this vulnerability by sending a specially-crafted request to the
targeted device.
Successful exploitation of this vulnerability could allow the attacker to
bypass access restrictions.
5. Code Injection vulnerability (CVE-2020-8194)
A Vulnerability exists in Citrix ADC, Citrix Gateway and Citrix SD-WAN
WANOP due to a code injection flaw. This vulnerability could allow a remote
attacker to execute arbitrary code on the system. An attacker could exploit
this vulnerability by persuading a victim to open a specially-crafted
content on the targeted system.
Successful exploitation of this vulnerability could allow the attacker to
execute arbitrary code on the targeted system.
Solution
Apply appropriate updates as mentioned in:
Vendor Information
CITRIX
Reference
CITRIX
CVE Name
(CVE-2019-18177)
(CVE-2020-8196)
(CVE-2020-8195)
(CVE-2020-8190)
(CVE-2020-8197)
(CVE-2020-8199)
(CVE-2020-8198)
(CVE-2020-8191)
(CVE-2020-8193)
(CVE-2020-8194)
(CVE-2020-8187)
About Cert Advisory
We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.