admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-82xx/CVE-2020-8299.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

303 lines
10 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-8299",
"sourceIdentifier": "support@hackerone.com",
"published": "2021-06-16T14:15:08.107",
"lastModified": "2024-11-21T05:38:41.210",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix SD-WAN WANOP Edition before 11.4.0, 11.3.2, 11.3.1a, 11.2.3a, 11.1.2c, 10.2.9a suffers from uncontrolled resource consumption by way of a network-based denial-of-service from within the same Layer 2 network segment. Note that the attacker must be in the same Layer 2 network segment as the vulnerable appliance."
},
{
"lang": "es",
"value": "Citrix ADC y Citrix/NetScaler Gateway versiones 13.0 anteriores a 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC versiones 12.1-FIPS anteriores a 12.1-55.238, y Citrix SD-WAN WANOP Edition versiones anteriores a 11.4.0, 11. 3.2, 11.3.1a, 11.2.3a, 11.1.2c, 10.2.9a, sufren un consumo no controlado de recursos mediante una denegaci\u00f3n de servicio basada en la red desde el mismo segmento de red de capa 2. Tome en cuenta que el atacante debe estar en el mismo segmento de red de capa 2 que el dispositivo vulnerable"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"baseScore": 3.3,
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:gateway:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.1",
"versionEndExcluding": "12.1-61.18",
"matchCriteriaId": "871316FC-14DC-41BE-971B-61FBE11D5ABF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:gateway:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.0-76.29",
"matchCriteriaId": "FAA24333-CF47-45C2-81E3-C990095920D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.1",
"versionEndExcluding": "11.1-65.20",
"matchCriteriaId": "D77B2AD2-BAF1-4FD3-B7C5-88AC1B130971"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.1",
"versionEndExcluding": "11.1-65.20",
"matchCriteriaId": "E178AA28-B24F-4565-A314-1E58AAC54648"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.1",
"versionEndExcluding": "12.1-61.18",
"matchCriteriaId": "7AEBA65F-2FEA-45B2-9118-8781258BC28D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.0-76.29",
"matchCriteriaId": "7F78FBC6-84A1-4D99-8D70-BA5AF4B1F2BD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:citrix:application_delivery_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80E69E10-6F40-4FE4-9D84-F6C25EAB79D8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.1",
"versionEndExcluding": "12.1-55.238",
"matchCriteriaId": "8BEBCAD2-581F-4217-8425-46C03584E673"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:citrix:mpx\\/sdx_14030_fips:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB11BC1-0702-436F-BFE2-14B38B118D99"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:citrix:mpx\\/sdx_14060_fips:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8569B182-D0A7-414B-B0A3-4DD2FAB44F69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:citrix:mpx\\/sdx_14080_fips:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB9B3E9-EED4-4D74-BE4C-DFAFAB1F0994"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:citrix:mpx_15030-50g_fips:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F60729DF-EDC8-4462-ABD2-6E4199F22701"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:citrix:mpx_15040-50g_fips:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B789F02A-56CB-4871-9D9D-FAB0F31A72A1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:citrix:mpx_15060-50g_fips:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06699186-E7E4-463C-8844-77B2A750B985"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:citrix:mpx_15080-50g_fips:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F00DBEBF-29BE-4D6A-BF79-19208AAB0D7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:citrix:mpx_15100-50g_fips:-:*:*:*:*:*:*:*",
"matchCriteriaId": "848169A6-CAD7-4E14-BC5D-B2E94DC93CCB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:citrix:mpx_15120-50g_fips:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C69709C-885A-4F19-899D-A7B5CE7066EF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:citrix:mpx_8905_fips:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B2136C1-8AB6-4C70-87F4-1F8A93A876C9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:citrix:mpx_8910_fips:-:*:*:*:*:*:*:*",
"matchCriteriaId": "492323D2-339D-404C-BB9B-E09ABB87FA2B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:citrix:mpx_8920_fips:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB83185D-DD6F-47CD-B500-499F9EF65093"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.2",
"versionEndExcluding": "10.2.9a",
"matchCriteriaId": "E2E30C0C-32F2-4257-B946-600E3123A0D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.1",
"versionEndExcluding": "11.1.2c",
"matchCriteriaId": "469E2490-71B8-48FB-A032-08922C75339A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.2",
"versionEndExcluding": "11.2.3a",
"matchCriteriaId": "56A52140-F4AE-4616-91E7-FF941EA26343"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.3",
"versionEndExcluding": "11.3.2",
"matchCriteriaId": "974341A5-6B06-4975-9406-CF41AB0E92F6"
}
]
}
]
}
],
"references": [
{
"url": "https://support.citrix.com/article/CTX297155",
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.citrix.com/article/CTX297155",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink