PT-2020-20021 · Microsoft+1 · Active Directory+1

Published

2020-09-18

Updated

2020-10-07

CVE-2020-8200

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Citrix StoreFront Server versions prior to 1912.0.1000

Description The issue concerns improper authentication, allowing an attacker authenticated on the same Microsoft Active Directory domain as a Citrix StoreFront server to read arbitrary files from that server.

Recommendations For versions prior to 1912.0.1000, update to version 1912.0.1000 or later to resolve the issue.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2020-8200

Affected Products

Citrix Storefront Server

Active Directory

PT-2020-20021 · Microsoft+1 · Active Directory+1

CVE-2020-8200

Weakness Enumeration

Related Identifiers

Affected Products

References · 3