Citrix ADC and Citrix Gateway before versions 13.0-58.30 Improper Preservation of Permissions Vulnerability

Summary

Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO.

Credit:

The information has been provided by Laurent Geyer

The original article can be found at:https://support.citrix.com/article/CTX276688


Details

Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation.

 

Vulnerable Systems:

Citrix ADC and Citrix Gateway before versions 13.0-58.30

Citrix ADC and Citrix Gateway before versions 12.1-57.18

Citrix ADC and Citrix Gateway before versions 12.0-63.21

Citrix ADC and Citrix Gateway before versions 11.1-64.14 

Citrix ADC and Citrix Gateway before versions 10.5-70.18

 

CVE Information:

CVE-2020-8190

 

Disclosure Timeline:
Published Date:7/10/2020

Categories: FeaturedNews