var-202009-1270
Vulnerability from variot
Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b are vulnerable to escalation of privileges on the management interface. plural Citrix The product contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Citrix Application Delivery Controller is an application delivery controller. The product has features such as application delivery control and load balancing. Several Citrix Systems products contain security vulnerabilities that could allow attackers to escalate privileges on the management interface
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202009-1270",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "application delivery controller",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1"
},
{
"model": "application delivery controller",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "13.0"
},
{
"model": "application delivery controller",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1-65.12"
},
{
"model": "gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "13.0-64.35"
},
{
"model": "gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1"
},
{
"model": "application delivery controller",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "12.1"
},
{
"model": "sd-wan wanop",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "11.2.1a"
},
{
"model": "sd-wan wanop",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "11.0.3f"
},
{
"model": "netscaler gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "12.1-58.15"
},
{
"model": "application delivery controller",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "13.0-64.35"
},
{
"model": "sd-wan wanop",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1.2a"
},
{
"model": "application delivery controller",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "12.1-58.15"
},
{
"model": "sd-wan wanop",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "11.0"
},
{
"model": "gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "13.0"
},
{
"model": "netscaler gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "12.1"
},
{
"model": "sd-wan wanop",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "10.2"
},
{
"model": "sd-wan wanop",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "10.2.7b"
},
{
"model": "gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1-65.12"
},
{
"model": "sd-wan wanop",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1"
},
{
"model": "sd-wan wanop",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "11.2"
},
{
"model": "citrix application delivery controller",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30c8\u30ea\u30c3\u30af\u30b9 \u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "citrix gateway",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30c8\u30ea\u30c3\u30af\u30b9 \u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "netscaler gateway",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30c8\u30ea\u30c3\u30af\u30b9 \u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "citrix sdwan wan-op",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30c8\u30ea\u30c3\u30af\u30b9 \u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011868"
},
{
"db": "NVD",
"id": "CVE-2020-8247"
}
]
},
"cve": "CVE-2020-8247",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2020-8247",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-186372",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2020-8247",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-8247",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-8247",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2020-8247",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202009-1056",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-186372",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186372"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011868"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1056"
},
{
"db": "NVD",
"id": "CVE-2020-8247"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b are vulnerable to escalation of privileges on the management interface. plural Citrix The product contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Citrix Application Delivery Controller is an application delivery controller. The product has features such as application delivery control and load balancing. Several Citrix Systems products contain security vulnerabilities that could allow attackers to escalate privileges on the management interface",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8247"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011868"
},
{
"db": "VULHUB",
"id": "VHN-186372"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-8247",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011868",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1056",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.3198",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-186372",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186372"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011868"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1056"
},
{
"db": "NVD",
"id": "CVE-2020-8247"
}
]
},
"id": "VAR-202009-1270",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-186372"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:59:01.313000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CTX281474",
"trust": 0.8,
"url": "https://support.citrix.com/article/CTX281474"
},
{
"title": "Citrix Systems Various product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=128763"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011868"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1056"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-269",
"trust": 1.1
},
{
"problemtype": "Improper authority management (CWE-269) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186372"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011868"
},
{
"db": "NVD",
"id": "CVE-2020-8247"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://support.citrix.com/article/ctx281474"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8247"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3198/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186372"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011868"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1056"
},
{
"db": "NVD",
"id": "CVE-2020-8247"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-186372"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011868"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-1056"
},
{
"db": "NVD",
"id": "CVE-2020-8247"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-18T00:00:00",
"db": "VULHUB",
"id": "VHN-186372"
},
{
"date": "2021-04-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-011868"
},
{
"date": "2020-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-1056"
},
{
"date": "2020-09-18T21:15:13.327000",
"db": "NVD",
"id": "CVE-2020-8247"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-10-07T00:00:00",
"db": "VULHUB",
"id": "VHN-186372"
},
{
"date": "2021-04-19T02:17:00",
"db": "JVNDB",
"id": "JVNDB-2020-011868"
},
{
"date": "2020-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-1056"
},
{
"date": "2024-11-21T05:38:35.100000",
"db": "NVD",
"id": "CVE-2020-8247"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-1056"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Citrix\u00a0 Product permission management vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011868"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-1056"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.