Home
Mapping Frameworks
Known Exploited Vulnerabilities Home
Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability

Known Exploited Vulnerabilities CVE-2020-8195 Mappings

Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name	Notes
CVE-2020-8195	Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability	exploitation_technique	T1056	Input Capture	Comments CVE-2020-8195 is an information disclosure in Citrix ADC, Gateway, and SD-WAN WANOP Appliance which allows attacker to access sensitive information via crafted requests. References https://media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF https://www.bleepingcomputer.com/news/security/nsa-top-25-vulnerabilities-actively-abused-by-chinese-hackers/
CVE-2020-8195	Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability	primary_impact	T1082	System Information Discovery	Comments CVE-2020-8195 is an information disclosure in Citrix ADC, Gateway, and SD-WAN WANOP Appliance which allows attacker to access sensitive information via crafted requests. References https://media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF https://www.bleepingcomputer.com/news/security/nsa-top-25-vulnerabilities-actively-abused-by-chinese-hackers/
CVE-2020-8195	Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability	primary_impact	T1005	Data from Local System	Comments CVE-2020-8195 is an information disclosure in Citrix ADC, Gateway, and SD-WAN WANOP Appliance which allows attacker to access sensitive information via crafted requests. References https://media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF https://www.bleepingcomputer.com/news/security/nsa-top-25-vulnerabilities-actively-abused-by-chinese-hackers/