{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T06:53:08.188","vulnerabilities":[{"cve":{"id":"CVE-2020-8195","sourceIdentifier":"support@hackerone.com","published":"2020-07-10T16:15:12.327","lastModified":"2025-10-30T20:42:02.453","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users."},{"lang":"es","value":"Una comprobación de entrada inapropiada en Citrix ADC y Citrix Gateway versiones anteriores a 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 y 10.5-70.18 y Citrix SDWAN WAN-OP versiones anteriores a 11.1.1a, 11.0.3d y 10.2.7, resulta en una divulgación de información limitada para usuarios poco privilegiados"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"cisaExploitAdd":"2021-11-03","cisaActionDue":"2022-05-03","cisaRequiredAction":"Apply updates per vendor instructions.","cisaVulnerabilityName":"Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability","weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"10.5","versionEndExcluding":"10.5-70.18","matchCriteriaId":"FC8327D0-8B64-44AF-A230-AAE32F3526CF"},{"vulnerable":true,"criteria":"cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1","versionEndExcluding":"11.1-64.14","matchCriteriaId":"D4807513-1157-4CE3-8998-9C5EB9BBDA3E"},{"vulnerable":true,"criteria":"cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0","versionEndExcluding":"12.0-63.21","matchCriteriaId":"165076F2-014F-46F9-A1AB-2256D935A21B"},{"vulnerable":true,"criteria":"cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1","versionEndExcluding":"12.1-57.18","matchCriteriaId":"D6AE49E6-A6B9-4E2B-9AFB-7F1808D052F6"},{"vulnerable":true,"criteria":"cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0","versionEndExcluding":"13.0-58.30","matchCriteriaId":"03868D24-B1C0-4245-AE28-0960CF2816C1"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:citrix:netscaler_gateway_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"10.5","versionEndExcluding":"10.5-70.18","matchCriteriaId":"BA7AAC01-A7CB-48F4-A25D-4A29479CD0DA"},{"vulnerable":true,"criteria":"cpe:2.3:o:citrix:netscaler_gateway_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1","versionEndExcluding":"11.1-64.14","matchCriteriaId":"61C33096-91FD-4387-8B90-C8981DB7F926"},{"vulnerable":true,"criteria":"cpe:2.3:o:citrix:netscaler_gateway_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0","versionEndExcluding":"12.0-63.21","matchCriteriaId":"7605821F-21B0-4F9D-AAD1-F901CED00585"},{"vulnerable":true,"criteria":"cpe:2.3:o:citrix:netscaler_gateway_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1","versionEndExcluding":"12.1-57.18","matchCriteriaId":"6FA8946F-75C2-4515-9EBE-E1884B35ECF1"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:citrix:gateway_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0","versionEndExcluding":"13.0-58.30","matchCriteriaId":"E6D0CC10-FE91-40E4-BFFD-11BE41DD4269"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2","versionEndExcluding":"10.2.7","matchCriteriaId":"B7DF63BB-CCE6-4405-8E6D-6DF1BC975D3D"},{"vulnerable":true,"criteria":"cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*","versionStartIncluding":"11.0","versionEndExcluding":"11.0.3d","matchCriteriaId":"1D1A5E7D-C3A7-48B8-BD6D-5973F8361DEC"},{"vulnerable":true,"criteria":"cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1","versionEndExcluding":"11.1.1a","matchCriteriaId":"0471F1F0-F804-47BA-98A1-7080E1C740E7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:citrix:4000-wo:-:*:*:*:*:*:*:*","matchCriteriaId":"25C848BC-98F7-41D4-A262-8B7EB304F4C1"},{"vulnerable":false,"criteria":"cpe:2.3:h:citrix:4100-wo:-:*:*:*:*:*:*:*","matchCriteriaId":"F3979EFF-AE6E-4274-97E2-58C7E01C920E"},{"vulnerable":false,"criteria":"cpe:2.3:h:citrix:5000-wo:-:*:*:*:*:*:*:*","matchCriteriaId":"C87AF39E-6BCF-4188-BAB1-A5CBDEBF662E"},{"vulnerable":false,"criteria":"cpe:2.3:h:citrix:5100-wo:-:*:*:*:*:*:*:*","matchCriteriaId":"38514675-1C15-460C-B34C-2633A8A36A78"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:citrix:gateway_plug-in_for_linux:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.0.137","matchCriteriaId":"25969217-EB50-466A-9F0F-5DEB1805B27D"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.html","source":"support@hackerone.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://support.citrix.com/article/CTX276688","source":"support@hackerone.com","tags":["Vendor Advisory"]},{"url":"http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://support.citrix.com/article/CTX276688","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-8195","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}}]}