1. CVE-Search
  2. CVE-2020-8190
ID CVE-2020-8190
Summary Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation.
References
Vulnerable Configurations
  • cpe:2.3:o:citrix:application_delivery_controller_firmware:10.5:*:*:*:*:*:*:*
    cpe:2.3:o:citrix:application_delivery_controller_firmware:10.5:*:*:*:*:*:*:*
  • cpe:2.3:o:citrix:application_delivery_controller_firmware:11.1:*:*:*:*:*:*:*
    cpe:2.3:o:citrix:application_delivery_controller_firmware:11.1:*:*:*:*:*:*:*
  • cpe:2.3:o:citrix:application_delivery_controller_firmware:12.0:*:*:*:*:*:*:*
    cpe:2.3:o:citrix:application_delivery_controller_firmware:12.0:*:*:*:*:*:*:*
  • cpe:2.3:o:citrix:application_delivery_controller_firmware:12.1:*:*:*:*:*:*:*
    cpe:2.3:o:citrix:application_delivery_controller_firmware:12.1:*:*:*:*:*:*:*
  • cpe:2.3:o:citrix:application_delivery_controller_firmware:13.0:*:*:*:*:*:*:*
    cpe:2.3:o:citrix:application_delivery_controller_firmware:13.0:*:*:*:*:*:*:*
  • cpe:2.3:h:citrix:application_delivery_controller:-:*:*:*:*:*:*:*
    cpe:2.3:h:citrix:application_delivery_controller:-:*:*:*:*:*:*:*
  • cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5:*:*:*:*:*:*:*
    cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5:*:*:*:*:*:*:*
  • cpe:2.3:o:citrix:netscaler_gateway_firmware:11.1:*:*:*:*:*:*:*
    cpe:2.3:o:citrix:netscaler_gateway_firmware:11.1:*:*:*:*:*:*:*
  • cpe:2.3:o:citrix:netscaler_gateway_firmware:12.0:*:*:*:*:*:*:*
    cpe:2.3:o:citrix:netscaler_gateway_firmware:12.0:*:*:*:*:*:*:*
  • cpe:2.3:o:citrix:netscaler_gateway_firmware:12.1:*:*:*:*:*:*:*
    cpe:2.3:o:citrix:netscaler_gateway_firmware:12.1:*:*:*:*:*:*:*
  • cpe:2.3:h:citrix:netscaler_gateway:-:*:*:*:*:*:*:*
    cpe:2.3:h:citrix:netscaler_gateway:-:*:*:*:*:*:*:*
  • cpe:2.3:o:citrix:gateway_firmware:13.0:*:*:*:*:*:*:*
    cpe:2.3:o:citrix:gateway_firmware:13.0:*:*:*:*:*:*:*
  • cpe:2.3:h:citrix:gateway:-:*:*:*:*:*:*:*
    cpe:2.3:h:citrix:gateway:-:*:*:*:*:*:*:*
CVSS
Base: 6.0 (as of 13-07-2020 - 20:51)
Impact:
Exploitability:
CWE CWE-281
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:S/C:P/I:P/A:P
refmap via4
misc https://support.citrix.com/article/CTX276688
Last major update 13-07-2020 - 20:51
Published 10-07-2020 - 16:15
Last modified 13-07-2020 - 20:51
Back to Top