Security Lab

Множественные уязвимости в Citrix Application Delivery Controller, Citrix Gateway and Citrix SD-WAN WANOP appliance

Дата публикации:08.07.2020
Всего просмотров:774
Опасность:
Высокая
Наличие исправления: Да
Количество уязвимостей:11
CVSSv3.1 рейтинг: 6.5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
7.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
6.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
7.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
6.5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
6.5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
8.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
7.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
7.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE ID: CVE-2019-18177
CVE-2020-8187
CVE-2020-8190
CVE-2020-8191
CVE-2020-8193
CVE-2020-8194
CVE-2020-8195
CVE-2020-8196
CVE-2020-8197
CVE-2020-8198
CVE-2020-8199
Cybersecurity-Help ID: SB2020070807
Вектор эксплуатации: Удаленная
Воздействие: Межсайтовый скриптинг
Раскрытие важных данных
Повышение привилегий
Обход ограничений безопасности
Компрометация системы
CWE ID: Нет данных
Наличие эксплоита: Нет данных
Уязвимые продукты:
Уязвимые версии: Citrix Netscaler ADC версии 12.1, 12.0, 12.0 Build 57.24, 11.1 Build 58.13, 11.0 Build 71.24, 10.5 Build 68.7, 10.5 Build 67.10/67.13, 11.0 Build 71.18/71.22, 11.1 Build 57.11/57.13, 12.0 Build 56.20, 11.0 Build 70.16, 11.1 Build 55.13, 12.0 Build 53.13, 11.0 Build 70.12, 11.1 Build 51.21, 11.1 build 51.26, 11.1 Build 52.13, 11.1 build 53.11, 11.1 build 54.14, 11.1 build 54.16, 11.1 build 55.10, 12.0 build 41.16, 12.0 build 41.22, 12.0 Build 41.24, 12.0 build 51.24, 12.0 build 53.6
Citrix NetScaler Gateway версии 13.0.47.24, 13.0.47.22, 13.0.41.28, 13.0.41.20, 12.1.55.18, 12.1.54.16, 12.1.53.12, 12.1.52.15, 12.1.51.20, 12.1.51.19, 12.1.50.31, 12.0.63.13, 12.0.62.10, 12.0.62.8, 12.0.61.9, 12.0.61.8, 12.0.60.10, 12.0.60.9, 12.0.59.9, 11.1.63.15, 11.1.63.9, 11.1.62.8, 11.1.61.7, 11.1.60.14, 11.1.60.13, 11.0.72.16, 11.0.69.123, 11.0.68.11, 11.0.68.10, 11.0.67.12, 11.0.66.11, 11.0.65.35, 11.0.65.31, 11.0.64.34, 11.0.63.16, 11.0.62.10, 11.0.55.23, 11.0.55.20, 10.5.70.12, 10.5.70.8, 10.5.70.5, 10.5.69.5, 10.5.66.9, 10.5.66.6, 10.5.65.11, 10.5.64.9, 10.5.63.8, 10.5.62.9, 10.5.61.11, 10.5.60.7, 10.5.59.13, 10.5.59.11, 10.5.58.11, 10.5.57.7, 10.5.56.22, 10.5.56.21, 10.5.55.8, 10.5.54.9, 10.5.53.9, 10.5.52.11, 10.5.51.10, 10.5.50.10, 10.1.135.21, 10.1.135.18, 10.1.135.11, 10.1.135.10, 10.1.135.09, 10.1.135.08, 10.1.134.9, 10.1.133.9, 10.1.132.8, 10.1.131.11, 10.1.131.7, 10.1.130.13, 10.1.130.11, 10.1.129.22, 10.1.128.8, 10.1.127.10, 10.1.126.12, 10.1.125.9, 10.1.124.13, 10.1.123.11, 10.1.123.9, 10.1.122.17, 10.1.122.11, 10.1.121.10, 10.1.120.13, 10.1.119.7, 10.1.118.7, 10.1.112.15, 10.0.78.6, 10.0.77.5, 10.0.76.7, 10.0.75.7007.e, 10.0.75.7, 10.0.74.4006.e, 10.0.74.4, 10.0.73.5002.e, 10.0.73.5, 10.0.72.5005.e, 10.0.72.5, 10.0.71.6016.e, 10.0.71.6008.e, 10.0.71.6, 10.0.70.7012.e, 10.0.70.7002.e, 10.0.70.7, 10.0.69.4, 12.1.49.37, 12.1.49.23, 12.1, 11.1.59.10, 11.1.56.19, 11.1.56.15, 11.1.53.13, 11.1.50.10, 11.1.49.16, 11.1.48.10, 11.1.47.14, 11.1.41.26, 11.1.57.13, 11.0.71.22, 10.5.69.3, 10.5.67.13, 10.1, 10.0, 12.0.59.8, 12.0.58.18, 12.0.58.15, 12.0.57.19, 12.0.53.22, 12.0.35.6, 12.0.57.24, 11.1.58.13, 11.0.71.24, 10.5.68.7, 10.5.67.10, 11.0.71.18, 11.1.57.11, 12.0.56.20, 11.0.70.16, 11.1.55.13, 12.0.53.13, 11.0.70.12, 11.1.51.21, 11.1.51.26, 11.1.52.13, 11.1.53.11, 11.1.54.14, 11.1.54.16, 11.1.55.10, 12.0.41.16, 12.0.41.22, 12.0.41.24, 12.0.51.24, 12.0.53.6, 12.0, 11.1, 11.0, 10.5, 10.5e
SD-WAN 5100 WANOP версии 11.2.0, 11.1.0, 11.0.2, 11.0.1, 10.2.6c, 10.2.5, 10.2.4, 10.2.3
SD-WAN 5000 WANOP версии 11.2.0, 11.1.0, 11.0.2, 11.0.1, 10.2.6c, 10.2.5, 10.2.4, 10.2.3
SD-WAN 4100 WANOP версии 11.2.0, 11.1.0, 11.0.2, 11.0.1, 10.2.6c, 10.2.5, 10.2.4, 10.2.3
SD-WAN 4000 WANOP версии 11.2.0, 11.1.0, 11.0.2, 11.0.1, 10.2.6c, 10.2.5, 10.2.4, 10.2.3
Gateway Plug-in for Linux версии -
Описание:

Множественные уязвимости в Citrix Application Delivery Controller, Citrix Gateway and Citrix SD-WAN WANOP appliance

Решение: Установите исправление с сайта производителя.
Ссылки: https://www.cybersecurity-help.cz/vdb/SB2020070807