CVE-2020-8246

HIGH

Citrix ADC & Gateway <13.0-64.35 - DoS

Title source: llm

Description

Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b are vulnerable to a denial of service attack originating from the management network.

References (1)

[Vendor Advisory] https://support.citrix.com/article/CTX281474

Scores

CVSS v3 7.5

EPSS 0.0051

EPSS Percentile 65.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-400

Status published

Affected Products (4)

citrix/application_delivery_controller_firmware < 11.1-65.12

citrix/gateway < 11.1-65.12

citrix/netscaler_gateway < 12.1-58.15

citrix/sd-wan_wanop < 10.2.7b

Timeline

Published Sep 18, 2020

Tracked Since Feb 18, 2026