Citrix ADC - Arbitrary File Read (CVE-2020-8193, CVE-2020-8195, CVE-2020-8196) (CVE-2020-8193, CVE-2020-8195, CVE-2020-8196)

Severity
CVSSv3 Score: 6.5
CVE: CVE-2020-8193 CVE-2020-8195 CVE-2020-8196

Vulnerability description

Citrix ADC, Citrix Gateway, Netscaler Gateway and Citrix SDWAN WAN-OP are affected by an Arbitrary File Read vulnerability, through an authorization bypass. The root cause of this vulnerability is that the server did not properly restrict access to the vulnerable exposed endpoint. An attacker can send crafted requests to the NSIP address to bypass the administration login. This can lead to information disclosure vulnerabilities (CVE-2020-8195, CVE-2020-8196), where an attacker can view sensitive files, including configuration files.

Risk description

The risk exists that a remote unauthenticated attacker can read any file on the server in order to steal confidential information.

Exploit capabilities

Sniper can read arbitrary files from the target system and extract them as evidence.

Recommendation

Apply the latest patch, which fixes this vulnerability.

References

https://nvd.nist.gov/vuln/detail/CVE-2020-8193

https://nvd.nist.gov/vuln/detail/CVE-2020-8195

https://nvd.nist.gov/vuln/detail/CVE-2020-8196

Codename

Detectable with: Network Scanner
Exploitable with Sniper: Yes
Vuln date: Jul 2020
Published at: Sep 2021
Updated at: Sep 2021
Software Type: Firewall
Vendor: Citrix
Product: ADC/Gateway