CVE-2020-8299

{"id": "CVE-2020-8299", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2021-06-16T14:15:08.107", "references": [{"url": "https://support.citrix.com/article/CTX297155", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://support.citrix.com/article/CTX297155", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-400"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix SD-WAN WANOP Edition before 11.4.0, 11.3.2, 11.3.1a, 11.2.3a, 11.1.2c, 10.2.9a suffers from uncontrolled resource consumption by way of a network-based denial-of-service from within the same Layer 2 network segment. Note that the attacker must be in the same Layer 2 network segment as the vulnerable appliance."}, {"lang": "es", "value": "Citrix ADC y Citrix/NetScaler Gateway versiones 13.0 anteriores a 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC versiones 12.1-FIPS anteriores a 12.1-55.238, y Citrix SD-WAN WANOP Edition versiones anteriores a 11.4.0, 11. 3.2, 11.3.1a, 11.2.3a, 11.1.2c, 10.2.9a, sufren un consumo no controlado de recursos mediante una denegaci\u00f3n de servicio basada en la red desde el mismo segmento de red de capa 2. Tome en cuenta que el atacante debe estar en el mismo segmento de red de capa 2 que el dispositivo vulnerable"}], "lastModified": "2024-11-21T05:38:41.210", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:citrix:gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "871316FC-14DC-41BE-971B-61FBE11D5ABF", "versionEndExcluding": "12.1-61.18", "versionStartIncluding": "12.1"}, {"criteria": "cpe:2.3:a:citrix:gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FAA24333-CF47-45C2-81E3-C990095920D6", "versionEndExcluding": "13.0-76.29", "versionStartIncluding": "13.0"}, {"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D77B2AD2-BAF1-4FD3-B7C5-88AC1B130971", "versionEndExcluding": "11.1-65.20", "versionStartIncluding": "11.1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E178AA28-B24F-4565-A314-1E58AAC54648", "versionEndExcluding": "11.1-65.20", "versionStartIncluding": "11.1"}, {"criteria": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7AEBA65F-2FEA-45B2-9118-8781258BC28D", "versionEndExcluding": "12.1-61.18", "versionStartIncluding": "12.1"}, {"criteria": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F78FBC6-84A1-4D99-8D70-BA5AF4B1F2BD", "versionEndExcluding": "13.0-76.29", "versionStartIncluding": "13.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:citrix:application_delivery_controller:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "80E69E10-6F40-4FE4-9D84-F6C25EAB79D8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8BEBCAD2-581F-4217-8425-46C03584E673", "versionEndExcluding": "12.1-55.238", "versionStartIncluding": "12.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:citrix:mpx\\/sdx_14030_fips:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BCB11BC1-0702-436F-BFE2-14B38B118D99"}, {"criteria": "cpe:2.3:h:citrix:mpx\\/sdx_14060_fips:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8569B182-D0A7-414B-B0A3-4DD2FAB44F69"}, {"criteria": "cpe:2.3:h:citrix:mpx\\/sdx_14080_fips:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ABB9B3E9-EED4-4D74-BE4C-DFAFAB1F0994"}, {"criteria": "cpe:2.3:h:citrix:mpx_15030-50g_fips:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F60729DF-EDC8-4462-ABD2-6E4199F22701"}, {"criteria": "cpe:2.3:h:citrix:mpx_15040-50g_fips:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B789F02A-56CB-4871-9D9D-FAB0F31A72A1"}, {"criteria": "cpe:2.3:h:citrix:mpx_15060-50g_fips:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "06699186-E7E4-463C-8844-77B2A750B985"}, {"criteria": "cpe:2.3:h:citrix:mpx_15080-50g_fips:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F00DBEBF-29BE-4D6A-BF79-19208AAB0D7F"}, {"criteria": "cpe:2.3:h:citrix:mpx_15100-50g_fips:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "848169A6-CAD7-4E14-BC5D-B2E94DC93CCB"}, {"criteria": "cpe:2.3:h:citrix:mpx_15120-50g_fips:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3C69709C-885A-4F19-899D-A7B5CE7066EF"}, {"criteria": "cpe:2.3:h:citrix:mpx_8905_fips:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6B2136C1-8AB6-4C70-87F4-1F8A93A876C9"}, {"criteria": "cpe:2.3:h:citrix:mpx_8910_fips:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "492323D2-339D-404C-BB9B-E09ABB87FA2B"}, {"criteria": "cpe:2.3:h:citrix:mpx_8920_fips:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AB83185D-DD6F-47CD-B500-499F9EF65093"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2E30C0C-32F2-4257-B946-600E3123A0D2", "versionEndExcluding": "10.2.9a", "versionStartIncluding": "10.2"}, {"criteria": "cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "469E2490-71B8-48FB-A032-08922C75339A", "versionEndExcluding": "11.1.2c", "versionStartIncluding": "11.1"}, {"criteria": "cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56A52140-F4AE-4616-91E7-FF941EA26343", "versionEndExcluding": "11.2.3a", "versionStartIncluding": "11.2"}, {"criteria": "cpe:2.3:o:citrix:sd-wan_wanop:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "974341A5-6B06-4975-9406-CF41AB0E92F6", "versionEndExcluding": "11.3.2", "versionStartIncluding": "11.3"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}