Description

Acunetix determined that it was possible to access Citrix ADC NetScaler's sensitive files without authentication.

Remediation

Upgrade to the latest version of Citrix NetScaler

References

Adventures in Citrix security research

Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Update

Related Vulnerabilities

Python Improper Restriction of XML External Entity Reference Vulnerability (CVE-2022-48565)

Oracle Database Server CVE-2013-3774 Vulnerability (CVE-2013-3774)

WordPress Plugin easyping-website subscriptions done right PHP Object Injection (0.0.1)

WordPress Plugin Add Social Share Messenger Buttons Whatsapp and Viber Cross-Site Request Forgery (1.0.8)

WordPress Plugin Qwizcards-online quizzes and flashcards Cross-Site Scripting (3.61)

Severity

Medium

Classification

CVE-2020-8193 CWE-284 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure Missing Update Known Vulnerabilities