Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:INFO-LEAK:CITRIX-MUL-APP |
|---|---|
Severity |
Minor |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Citrix ADC Gateway SDWAN WAN-OP Information Disclosure |
Release Date |
2020/07/30 |
Update Number |
3303 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Citrix ADC Gateway SDWAN WAN-OP Information Disclosure
This signature detects attempts to exploit a known vulnerability against Citrix ADC,Gateway and SDWAN WAN-OP. A successful attack can lead to sensitive information disclosure.
Extended Description
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.
Affected Products
- Citrix application_delivery_controller_firmware 12.1
- Citrix application_delivery_controller_firmware 13.0
- Citrix gateway_firmware 13.0
- Citrix netscaler_gateway_firmware 10.5
- Citrix netscaler_gateway_firmware 12.1
References
- CVE: CVE-2020-8195
- CVE: CVE-2020-8196