1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability

Known Exploited Vulnerabilities CVE-2020-8193

Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2020-8193 Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability exploitation_technique T1556 Modify Authentication Process
Comments
CVE-2020-8193 is an Authorization Bypass vulnerability in Citrix ADC, Gateway, and SD-WAN WANOP Appliance in various versions allows attacker to bypass authentication mechanisms via crafted requests.
References
  1. https://media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF
  2. https://www.bleepingcomputer.com/news/security/nsa-top-25-vulnerabilities-actively-abused-by-chinese-hackers/
CVE-2020-8193 Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability primary_impact T1005 Data from Local System
Comments
CVE-2020-8193 is an Authorization Bypass vulnerability in Citrix ADC, Gateway, and SD-WAN WANOP Appliance in various versions allows attacker to bypass authentication mechanisms via crafted requests.
References
  1. https://media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF
  2. https://www.bleepingcomputer.com/news/security/nsa-top-25-vulnerabilities-actively-abused-by-chinese-hackers/