var-202106-0490
Vulnerability from variot
Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix SD-WAN WANOP Edition before 11.4.0, 11.3.2, 11.3.1a, 11.2.3a, 11.1.2c, 10.2.9a suffers from uncontrolled resource consumption by way of a network-based denial-of-service from within the same Layer 2 network segment. Note that the attacker must be in the same Layer 2 network segment as the vulnerable appliance. plural Citrix The product contains a resource depletion vulnerability.Denial of service (DoS) It may be put into a state. Citrix Application Delivery Controller (ADC) is an application delivery controller. Nim, etc. are all products of the Nim (Nim) community. Nim is a statically typed programming language. There are resource management error vulnerabilities in many Citix products. This vulnerability originates from improper management of system resources by network systems or products. Attackers can use this vulnerability to cause denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202106-0490",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "12.1-61.18"
},
{
"model": "sd-wan wanop",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "10.2.9a"
},
{
"model": "application delivery controller",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1"
},
{
"model": "netscaler gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1"
},
{
"model": "application delivery controller",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1-65.20"
},
{
"model": "sd-wan wanop",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "11.2.3a"
},
{
"model": "sd-wan wanop",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "11.3.2"
},
{
"model": "application delivery controller",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "12.1-55.238"
},
{
"model": "application delivery controller",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "13.0-76.29"
},
{
"model": "sd-wan wanop",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1.2c"
},
{
"model": "gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "12.1"
},
{
"model": "application delivery controller",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "12.1-61.18"
},
{
"model": "sd-wan wanop",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "11.3"
},
{
"model": "sd-wan wanop",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1"
},
{
"model": "netscaler gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "11.1-65.20"
},
{
"model": "gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "13.0"
},
{
"model": "sd-wan wanop",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "11.2"
},
{
"model": "application delivery controller",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "12.1"
},
{
"model": "sd-wan wanop",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "10.2"
},
{
"model": "gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "citrix",
"version": "13.0-76.29"
},
{
"model": "application delivery controller",
"scope": "gte",
"trust": 1.0,
"vendor": "citrix",
"version": "13.0"
},
{
"model": "citrix gateway",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30c8\u30ea\u30c3\u30af\u30b9 \u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "netscaler gateway",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30c8\u30ea\u30c3\u30af\u30b9 \u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "citrix application delivery controller",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30c8\u30ea\u30c3\u30af\u30b9 \u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "citrix sdwan wan-op",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30c8\u30ea\u30c3\u30af\u30b9 \u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-008429"
},
{
"db": "NVD",
"id": "CVE-2020-8299"
}
]
},
"cve": "CVE-2020-8299",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CVE-2020-8299",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "VHN-186424",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2020-8299",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-8299",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-8299",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-8299",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202106-722",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-186424",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186424"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008429"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-722"
},
{
"db": "NVD",
"id": "CVE-2020-8299"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix SD-WAN WANOP Edition before 11.4.0, 11.3.2, 11.3.1a, 11.2.3a, 11.1.2c, 10.2.9a suffers from uncontrolled resource consumption by way of a network-based denial-of-service from within the same Layer 2 network segment. Note that the attacker must be in the same Layer 2 network segment as the vulnerable appliance. plural Citrix The product contains a resource depletion vulnerability.Denial of service (DoS) It may be put into a state. Citrix Application Delivery Controller (ADC) is an application delivery controller. Nim, etc. are all products of the Nim (Nim) community. Nim is a statically typed programming language. There are resource management error vulnerabilities in many Citix products. This vulnerability originates from improper management of system resources by network systems or products. Attackers can use this vulnerability to cause denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8299"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008429"
},
{
"db": "VULHUB",
"id": "VHN-186424"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-8299",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008429",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2021.1992",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202106-722",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-186424",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186424"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008429"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-722"
},
{
"db": "NVD",
"id": "CVE-2020-8299"
}
]
},
"id": "VAR-202106-0490",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-186424"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:23:32.791000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CTX297155",
"trust": 0.8,
"url": "https://support.citrix.com/article/CTX297155"
},
{
"title": "Citrix Systems NetScaler Gateway Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=155265"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-008429"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-722"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.1
},
{
"problemtype": "Resource exhaustion (CWE-400) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186424"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008429"
},
{
"db": "NVD",
"id": "CVE-2020-8299"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://support.citrix.com/article/ctx297155"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8299"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1992"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186424"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008429"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-722"
},
{
"db": "NVD",
"id": "CVE-2020-8299"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-186424"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-008429"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-722"
},
{
"db": "NVD",
"id": "CVE-2020-8299"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-16T00:00:00",
"db": "VULHUB",
"id": "VHN-186424"
},
{
"date": "2022-03-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-008429"
},
{
"date": "2021-06-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-722"
},
{
"date": "2021-06-16T14:15:08.107000",
"db": "NVD",
"id": "CVE-2020-8299"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-24T00:00:00",
"db": "VULHUB",
"id": "VHN-186424"
},
{
"date": "2022-03-16T07:24:00",
"db": "JVNDB",
"id": "JVNDB-2021-008429"
},
{
"date": "2021-06-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-722"
},
{
"date": "2021-06-24T20:23:38.283000",
"db": "NVD",
"id": "CVE-2020-8299"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-722"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Citrix\u00a0 Resource depletion vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-008429"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-722"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.