PT-2020-20055 · Citrix · Citrix Gateway+3
Published
2020-09-18
·
Updated
2020-10-07
·
CVE-2020-8246
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Citrix ADC and Citrix Gateway versions 13.0 through 13.0-64.34
Citrix ADC and NetScaler Gateway versions 12.1 through 12.1-58.14
Citrix ADC 12.1-FIPS versions 12.1-55.186 and earlier
Citrix ADC and NetScaler Gateway version 12.0
Citrix ADC and NetScaler Gateway versions 11.1 through 11.1-65.11
Citrix SD-WAN WANOP versions 11.2 through 11.2.0
Citrix SD-WAN WANOP versions 11.1 through 11.1.1
Citrix SD-WAN WANOP versions 11.0 through 11.0.2
Citrix SD-WAN WANOP versions 10.2 through 10.2.6
Description
The issue allows for a denial of service attack originating from the management network.
Recommendations
For Citrix ADC and Citrix Gateway versions 13.0 through 13.0-64.34, update to version 13.0-64.35 or later.
For Citrix ADC and NetScaler Gateway versions 12.1 through 12.1-58.14, update to version 12.1-58.15 or later.
For Citrix ADC 12.1-FIPS versions 12.1-55.186 and earlier, update to version 12.1-55.187 or later.
For Citrix ADC and NetScaler Gateway version 12.0, consider upgrading to a newer version.
For Citrix ADC and NetScaler Gateway versions 11.1 through 11.1-65.11, update to version 11.1-65.12 or later.
For Citrix SD-WAN WANOP versions 11.2 through 11.2.0, update to version 11.2.1a or later.
For Citrix SD-WAN WANOP versions 11.1 through 11.1.1, update to version 11.1.2a or later.
For Citrix SD-WAN WANOP versions 11.0 through 11.0.2, update to version 11.0.3f or later.
For Citrix SD-WAN WANOP versions 10.2 through 10.2.6, update to version 10.2.7b or later.
Fix
DoS
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Citrix Adc
Citrix Gateway
Citrix Sd-Wan Wanop
Netscaler Gateway