Unrated severityNVD Advisory· Published Sep 18, 2020· Updated Aug 4, 2024

CVE-2020-8245

Description

Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b leads to an HTML Injection attack against the SSL VPN web portal.

Affected products

Citrix/ADC and Gatewaydescription
Citrix Systems/SDWAN WAN-OPllm-fuzzy
Range: 11.2 < 11.2.1a, 11.1 < 11.1.2a, 11.0 < 11.0.3a, 10.2 < 10.2.7b
Citrix Systems/Access Gatewayllm-fuzzy
Range: 12.1 < 12.1-58.15, 12.0, 11.1 < 11.1-65.12
Netscaler/ADCllm-fuzzy
Range: 13.0 < 13.0-64.35, 12.1 < 12.1-58.15, 12.1-FIPS < 12.1-55.187, 12.0, 11.1 < 11.1-65.12

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.citrix.com/article/CTX281474mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000