Home
Mapping Frameworks
Known Exploited Vulnerabilities Home
Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability

Known Exploited Vulnerabilities CVE-2020-8193 Mappings

Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name	Notes
CVE-2020-8193	Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability	exploitation_technique	T1556	Modify Authentication Process	Comments CVE-2020-8193 is an Authorization Bypass vulnerability in Citrix ADC, Gateway, and SD-WAN WANOP Appliance in various versions allows attacker to bypass authentication mechanisms via crafted requests. References https://media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF https://www.bleepingcomputer.com/news/security/nsa-top-25-vulnerabilities-actively-abused-by-chinese-hackers/
CVE-2020-8193	Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability	primary_impact	T1005	Data from Local System	Comments CVE-2020-8193 is an Authorization Bypass vulnerability in Citrix ADC, Gateway, and SD-WAN WANOP Appliance in various versions allows attacker to bypass authentication mechanisms via crafted requests. References https://media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF https://www.bleepingcomputer.com/news/security/nsa-top-25-vulnerabilities-actively-abused-by-chinese-hackers/