Vulnerabilities > Citrix
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-10 | CVE-2020-8196 | Improper Authentication vulnerability in Citrix products Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users. | 4.3 |
| 2020-07-10 | CVE-2020-8195 | Path Traversal vulnerability in Citrix products Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users. | 6.5 |
| 2020-07-10 | CVE-2020-8194 | Code Injection vulnerability in Citrix products Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download. | 6.5 |
| 2020-07-10 | CVE-2020-8193 | Improper Authentication vulnerability in Citrix products Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints. | 6.5 |
| 2020-07-10 | CVE-2020-8191 | Cross-site Scripting vulnerability in Citrix products Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows reflected Cross Site Scripting (XSS). | 6.1 |
| 2020-07-10 | CVE-2020-8190 | Improper Preservation of Permissions vulnerability in Citrix products Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation. | 7.5 |
| 2020-07-10 | CVE-2020-8187 | Improper Input Validation vulnerability in Citrix products Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack. | 7.5 |
| 2020-06-11 | CVE-2020-13998 | Information Exposure Through Discrepancy vulnerability in Citrix Xenapp 6.5.0.0 Citrix XenApp 6.5, when 2FA is enabled, allows a remote unauthenticated attacker to ascertain whether a user exists on the server, because the 2FA error page only occurs after a valid username is entered. | 5.3 |
| 2020-06-08 | CVE-2020-13885 | Incorrect Default Permissions vulnerability in Citrix Workspace APP 1909/1911/2002 Citrix Workspace App before 1912 on Windows has Insecure Permissions which allows local users to gain privileges during the uninstallation of the application. | 7.8 |
| 2020-06-08 | CVE-2020-13884 | Incorrect Default Permissions vulnerability in Citrix Workspace APP 1909/1911/2002 Citrix Workspace App before 1912 on Windows has Insecure Permissions and an Unquoted Path vulnerability which allows local users to gain privileges during the uninstallation of the application. | 7.8 |