Vulnerabilities > CVE-2020-10110 - Unspecified vulnerability in Citrix Gateway Firmware 11.1/12.0/12.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
Citrix Gateway 11.1, 12.0, and 12.1 allows Information Exposure Through Caching. NOTE: Citrix disputes this as not a vulnerability. There is no sensitive information disclosure through the cache headers on Citrix ADC. The "Via" header lists cache protocols and recipients between the start and end points for a request or a response. The "Age" header provides the age of the cached response in seconds. Both headers are commonly used for proxy cache and the information is not sensitive
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 3 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/156656/SYSS-2020-004.txt |
id | PACKETSTORM:156656 |
last seen | 2020-03-09 |
published | 2020-03-09 |
reporter | Micha Borrmann |
source | https://packetstormsecurity.com/files/156656/Citrix-Gateway-11.1-12.0-12.1-Information-Disclosure.html |
title | Citrix Gateway 11.1 / 12.0 / 12.1 Information Disclosure |
References
- http://packetstormsecurity.com/files/156656/Citrix-Gateway-11.1-12.0-12.1-Information-Disclosure.html
- https://seclists.org/fulldisclosure/2020/Mar/7
- https://support.citrix.com/search
- http://packetstormsecurity.com/files/156656/Citrix-Gateway-11.1-12.0-12.1-Information-Disclosure.html
- https://support.citrix.com/search
- https://seclists.org/fulldisclosure/2020/Mar/7