Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.
CVSS Details
- CVSS 3.1 Base Score: 6.5
- CVSS 3.1 Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
Covered by Rapid7
| Product | Vendor Advisory | Solution File | Added | Published |
|---|---|---|---|---|
| Citrix Adc | citrix-adc-upgrade-10_5_70_18citrix-adc-upgrade-11_1_64_14citrix-adc-upgrade-12_0_63_21citrix-adc-upgrade-12_1_57_18citrix-adc-upgrade-13_0_58_30 | Jul 7, 2020 | Jul 7, 2020 |
Prioritise with Active Threat Intelligence
With curated Threat Intelligence, you can see which vulnerabilities truly put you at risk, prioritize what matters most, and act before attackers do.
Explore Intelligence Hub