Intrusion PreventionCitrix.ADC.Gateway.SDWAN.WAN-OP.report.Authentication.Bypass
Description
This indicates an attack attempt to exploit a Authentication Bypass Vulnerability in Citrix ADC, Gateway, and SDWAN WAN-OP.
This vulnerability is due to improper authentication on certain HTTP endpoints in the vulnerable application. Successful exploitation could lead to the elevation of privileges for unauthenticated users.
Affected Products
Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18
Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7
Impact
Privilege Escalation: Remote attackers can leverage their privileges on vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://support.citrix.com/article/CTX276688
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-08-26 | 15.912 | Default_action:pass:drop |
| 2020-08-18 | 15.907 | Sig Added |
| 2020-08-12 | 15.904 | Sig Added |
| 2020-07-27 | 15.894 |
| ID | 49351 |
| Created | Jul 16, 2020 |
| Updated | Aug 25, 2020 |
| Risk |
|
| CVE ID | CVE-2020-8193 |
| Known Exploited | Yes |
| Exploit Prediction Score | 97.46% |
| Default Action | drop |
| Active | |
| Affected OS | Linux |
| Affected App | Other |