) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:citrix:gateway_firmware:13.0:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2022-27518 |
Unauthenticated remote arbitrary code execution Published: December 13, 2022; 12:15:14 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
| CVE-2020-8198 |
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in Stored Cross-Site Scripting (XSS). Published: July 10, 2020; 12:15:12 PM -0400 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2020-8197 |
Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access to execute arbitrary commands. Published: July 10, 2020; 12:15:12 PM -0400 |
V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |
| CVE-2020-8196 |
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users. Published: July 10, 2020; 12:15:12 PM -0400 |
V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
| CVE-2020-8195 |
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users. Published: July 10, 2020; 12:15:12 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.0 MEDIUM |
| CVE-2020-8194 |
Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download. Published: July 10, 2020; 12:15:12 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2020-8193 |
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints. Published: July 10, 2020; 12:15:12 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 5.0 MEDIUM |
| CVE-2020-8191 |
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows reflected Cross Site Scripting (XSS). Published: July 10, 2020; 12:15:12 PM -0400 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2020-8190 |
Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation. Published: July 10, 2020; 12:15:12 PM -0400 |
V3.1: 7.5 HIGH V2.0: 6.0 MEDIUM |
| CVE-2019-19781 |
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal. Published: December 27, 2019; 9:15:12 AM -0500 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2019-18225 |
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9, 12.0 before build 62.10, 12.1 before build 54.16, and 13.0 before build 41.28. An attacker with management-interface access can bypass authentication to obtain appliance administrative access. These products formerly used the NetScaler brand name. Published: October 21, 2019; 2:15:10 PM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |