CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: May 3, 2022

High

CISA KEV

CVE-2020-8193

Citrix—Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance

Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an authorization bypass vulnerability that may allow unauthenticated access to certain URL endpoints. The attacker must have access to the NetScaler IP (NSIP) in order to perform exploitation.

Required Action

https://nvd.nist.gov/vuln/detail/CVE-2020-8193

Vulnerability Overview

Severity: High
CISA KEV: Yes
Ransomware: Unknown
Published: Nov 3, 2021
KEV Added: Nov 3, 2021
Due Date: May 3, 2022
Related Articles: 0

Vendor

Citrix

Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance