CVE-2020-8195

Name of the Vulnerable Software and Affected Versions Citrix ADC versions prior to 13.0-58.30 Citrix ADC versions prior to 12.1-57.18 Citrix ADC versions prior to 12.0-63.21 Citrix ADC versions prior to 11.1-64.14 Citrix ADC versions prior to 10.5-70.18 Citrix Gateway versions prior to 13.0-58.30 Citrix Gateway versions prior to 12.1-57.18 Citrix Gateway versions prior to 12.0-63.21 Citrix Gateway versions prior to 11.1-64.14 Citrix Gateway versions prior to 10.5-70.18 Citrix SD-WAN WANOP versions prior to 11.1.1a Citrix SD-WAN WANOP versions prior to 11.0.3d Citrix SD-WAN WANOP versions prior to 10.2.7

Description The issue is related to insufficient input validation in Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP, which can allow a remote attacker to gain unauthorized access to protected information. This can result in limited information disclosure to low-privileged users.

Recommendations For Citrix ADC and Citrix Gateway versions prior to 13.0-58.30, update to version 13.0-58.30 or later. For Citrix ADC and Citrix Gateway versions prior to 12.1-57.18, update to version 12.1-57.18 or later. For Citrix ADC and Citrix Gateway versions prior to 12.0-63.21, update to version 12.0-63.21 or later. For Citrix ADC and Citrix Gateway versions prior to 11.1-64.14, update to version 11.1-64.14 or later. For Citrix ADC and Citrix Gateway versions prior to 10.5-70.18, update to version 10.5-70.18 or later. For Citrix SD-WAN WANOP versions prior to 11.1.1a, update to version 11.1.1a or later. For Citrix SD-WAN WANOP versions prior to 11.0.3d, update to version 11.0.3d or later. For Citrix SD-WAN WANOP versions prior to 10.2.7, update to version 10.2.7 or later.