Gateway Firmware Security Vulnerabilities and Issues — Gateway Firmware CVE List

Lucene search

CitrixGateway Firmware

11 matches found

CVE•added 2020/07/10 4:15 p.m.•1086 views

CVE-2020-8193

Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.

6.5CVSS6.5AI score0.94349EPSS

CVE•added 2020/07/10 4:15 p.m.•1043 views

CVE-2020-8195

Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.

6.5CVSS6.2AI score0.85271EPSS

CVE•added 2020/07/10 4:15 p.m.•1043 views

CVE-2020-8196

Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.

4.3CVSS5AI score0.6387EPSS

CVE•added 2020/07/10 4:15 p.m.•162 views

CVE-2020-8194

Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download.

6.5CVSS6.8AI score0.79516EPSS

CVE•added 2020/03/06 9:15 p.m.•145 views

CVE-2020-10110

Citrix Gateway 11.1, 12.0, and 12.1 allows Information Exposure Through Caching. NOTE: Citrix disputes this as not a vulnerability. There is no sensitive information disclosure through the cache headers on Citrix ADC. The "Via" header lists cache protocols and recipients between the start and end p...

5.3CVSS5.1AI score0.00586EPSS

CVE•added 2020/03/06 9:15 p.m.•144 views

CVE-2020-10112

Citrix Gateway 11.1, 12.0, and 12.1 allows Cache Poisoning. NOTE: Citrix disputes this as not a vulnerability. By default, Citrix ADC only caches static content served under certain URL paths for Citrix Gateway usage. No dynamic content is served under these paths, which implies that those cached p...

5.8CVSS5.5AI score0.00501EPSS

CVE•added 2020/03/06 9:15 p.m.•141 views

CVE-2020-10111

Citrix Gateway 11.1, 12.0, and 12.1 has an Inconsistent Interpretation of HTTP Requests. NOTE: Citrix disputes the reported behavior as not a security issue. Citrix ADC only caches HTTP/1.1 traffic for performance optimization

7.5CVSS7.5AI score0.00501EPSS

CVE•added 2020/07/10 4:15 p.m.•77 views

CVE-2020-8191

6.1CVSS6.2AI score0.90005EPSS

CVE•added 2020/07/10 4:15 p.m.•66 views

CVE-2020-8190

Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation.

7.5CVSS8.1AI score0.00268EPSS

CVE•added 2020/07/10 4:15 p.m.•65 views

CVE-2020-8197

Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access to execute arbitrary commands.

8.8CVSS8.9AI score0.0071EPSS

CVE•added 2020/07/10 4:15 p.m.•58 views

CVE-2020-8198

6.1CVSS6.5AI score0.0039EPSS