CVE-2020-8196
MEDIUM KEV RANSOMWARE
Citrix ADC/Gateway <13.0-58.30 - Info Disclosure
Title source: llm
Exploitation Summary
CVE-2020-8196 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added November 3, 2021, with confirmed use in ransomware campaigns.
Description
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 results in limited information disclosure to low-privileged users.
References (3)
Core References
Vendor Advisory x_refsource_misc
https://support.citrix.com/article/CTX276688
Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.html
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-8196
Scores
CVSS v3
4.3
EPSS
0.6811
EPSS Percentile
98.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
partial
Details
CISA KEV
2021-11-03
VulnCheck KEV
2020-09-15
InTheWild.io
2021-07-23
ENISA EUVD
EUVD-2020-29073
Ransomware Use
Confirmed
CWE
CWE-284
CWE-287
Status
published
Products (4)
citrix/application_delivery_controller_firmware
10.5 - 10.5-70.18
citrix/gateway_firmware
13.0 - 13.0-58.30
citrix/netscaler_gateway_firmware
10.5 - 10.5-70.18
citrix/sd-wan_wanop
10.2 - 10.2.7
Published
Jul 10, 2020
KEV Added
Nov 03, 2021
Tracked Since
Feb 18, 2026