cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-24487,https://securityvulnerability.io/vulnerability/CVE-2023-24487,Arbitrary file read,Arbitrary file read in Citrix ADC and Citrix Gateway ,Citrix,Citrix Adc And Citrix Gateway,6.3,MEDIUM,0.0011699999449774623,false,,false,false,false,,,false,false,,2023-07-10T21:15:00.000Z,0
CVE-2023-24488,https://securityvulnerability.io/vulnerability/CVE-2023-24488,Cross site scripting,Cross site scripting vulnerability in Citrix ADC and Citrix Gateway allows an attacker to perform cross site scripting,Citrix,Citrix Adc And Citrix Gateway,6.1,MEDIUM,0.0822800025343895,false,,false,false,true,2023-07-31T11:29:16.000Z,true,false,false,,2023-07-10T21:15:00.000Z,0
CVE-2022-27518,https://securityvulnerability.io/vulnerability/CVE-2022-27518,Unauthenticated remote arbitrary code execution,"Unauthenticated remote arbitrary code execution ",Citrix,"Citrix Gateway, Citrix Adc",9.8,CRITICAL,0.1903200000524521,true,2022-12-13T00:00:00.000Z,false,false,true,2022-12-13T00:00:00.000Z,true,false,false,,2022-12-13T00:00:00.000Z,0
CVE-2022-27516,https://securityvulnerability.io/vulnerability/CVE-2022-27516,"User login brute force protection functionality bypass ","User login brute force protection functionality bypass ",Citrix,"Citrix Gateway, Citrix Adc",5.3,MEDIUM,0.001970000099390745,false,,false,false,false,,,false,false,,2022-11-08T21:26:12.642Z,0
CVE-2022-27510,https://securityvulnerability.io/vulnerability/CVE-2022-27510,"Unauthorized access to Gateway user capabilities ","Unauthorized access to Gateway user capabilities ",Citrix,"Citrix Gateway, Citrix Adc",9.8,CRITICAL,0.0020200000144541264,false,,false,false,false,,,false,false,,2022-11-08T21:26:10.688Z,0
CVE-2022-27513,https://securityvulnerability.io/vulnerability/CVE-2022-27513,Remote desktop takeover via phishing,"Remote desktop takeover via phishing ",Citrix,"Citrix Gateway, Citrix Adc",8.3,HIGH,0.0020099999383091927,false,,false,false,false,,,false,false,,2022-11-08T21:26:08.238Z,0
CVE-2021-22956,https://securityvulnerability.io/vulnerability/CVE-2021-22956,Uncontrolled Resource Consumption in Citrix ADC by Citrix,"A vulnerability exists in Citrix ADC which allows an attacker to exploit the Management GUI, Nitro API, and RPC communication. If an attacker gains access to the management interface via the NSIP or SNIP, it can result in temporary disruption of services, impacting the overall functionality and management of the ADC. This vulnerability highlights the importance of secure access controls and monitoring for potential threats in network management systems.",Citrix,"Citrix Adc, Citrix Gateway, Citrix Sdwan",7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2021-12-07T13:12:38.000Z,0
CVE-2021-22955,https://securityvulnerability.io/vulnerability/CVE-2021-22955,Denial of Service Vulnerability in Citrix ADC VPN and AAA Configuration,"An unauthenticated denial of service vulnerability in Citrix ADC can create significant disruptions when the product is configured as a VPN or AAA virtual server. Attackers can exploit this flaw to temporarily incapacitate key management interfaces, including the Management GUI and Nitro API, leading to an interruption in RPC communication. This can potentially hamper the usability and accessibility of the services provided by Citrix ADC, making it crucial for organizations to address this vulnerability promptly.",Citrix,"Citrix Adc, Citrix Gateway",7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2021-12-07T13:12:33.000Z,0
CVE-2021-22920,https://securityvulnerability.io/vulnerability/CVE-2021-22920,SAML Authentication Hijack in Citrix ADC and Gateway,"A vulnerability has been identified in Citrix ADC and Citrix Gateway that exposes users to phishing attacks via SAML authentication hijacks. This exploit can allow attackers to steal valid user sessions, leading to unauthorized access and potential data breaches. Affected models include the Citrix SD-WAN WANOP Edition 4000-WO, 4100-WO, 5000-WO, and 5100-WO, making it crucial for users to implement appropriate security measures.",Citrix,"Citrix Adc, Citrix Gateway",6.5,MEDIUM,0.0015699999639764428,false,,false,false,false,,,false,false,,2021-08-05T20:16:49.000Z,0
CVE-2021-22919,https://securityvulnerability.io/vulnerability/CVE-2021-22919,Disk Space Vulnerability in Citrix ADC and Gateway Products,"A vulnerability has been identified in Citrix ADC and Citrix Gateway products that could allow an attacker to consume all available disk space. This scenario occurs due to improper management of disk allocation, potentially disrupting services and impacting system performance. Organizations are urged to implement recommended patches and monitor their environments proactively to mitigate potential risks associated with this vulnerability.",Citrix,"Citrix Adc, Citrix Gateway, Citrix Sd-wan Wanop",7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2021-08-05T20:16:46.000Z,0
CVE-2021-22927,https://securityvulnerability.io/vulnerability/CVE-2021-22927,Session Fixation Flaw in Citrix ADC and Gateway,A session fixation vulnerability is present in Citrix ADC and Citrix Gateway versions 13.0-82.45 when configured as a SAML service provider. This security flaw could potentially allow attackers to hijack user sessions. Organizations utilizing these Citrix products should implement necessary mitigations to protect their applications from session hijacking attacks.,Citrix,"Citrix Adc, Citrix Gateway",8.1,HIGH,0.001509999972768128,false,,false,false,false,,,false,false,,2021-08-05T20:16:42.000Z,0
CVE-2020-8299,https://securityvulnerability.io/vulnerability/CVE-2020-8299,Denial-of-Service Vulnerability in Citrix ADC and NetScaler Gateway,"Citrix ADC and Citrix/NetScaler Gateway have a vulnerability that allows an attacker, located on the same Layer 2 network segment, to cause a denial-of-service condition through uncontrolled resource consumption. This issue affects multiple versions of the Citrix ADC and SD-WAN products. Organizations using these systems are advised to implement mitigations and upgrade to the fixed versions to enhance their network security.",Citrix,"Citrix Adc, Citrix Gateway, Citrix Sd-wan Wanop Edition",6.5,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2021-06-16T13:08:22.000Z,0
CVE-2020-8300,https://securityvulnerability.io/vulnerability/CVE-2020-8300,Improper Access Control Vulnerability in Citrix ADC and Citrix Gateway,"The Citrix ADC and Citrix Gateway are affected by a significant vulnerability where improper access control can lead to SAML authentication hijacking. Cyber attackers can exploit this flaw through phishing attacks to steal active user sessions, allowing unauthorized access to sensitive information. This issue arises when Citrix ADC or Citrix Gateway is configured as either a SAML Service Provider (SP) or a SAML Identity Provider (IdP), making adequate security measures crucial for protecting user credentials and maintaining system integrity.",Citrix,"Citrix Adc, Citrix Gateway",6.5,MEDIUM,0.000750000006519258,false,,false,false,true,2021-06-15T07:21:16.000Z,true,false,false,,2021-06-16T13:08:16.000Z,0
CVE-2020-8247,https://securityvulnerability.io/vulnerability/CVE-2020-8247,Privilege Escalation Issue in Citrix ADC and Gateway Products,"Certain versions of Citrix ADC and Citrix Gateway, as well as various Citrix SD-WAN WANOP releases, are susceptible to a privilege escalation vulnerability that impacts the management interface. This vulnerability allows unauthorized users to gain elevated access to system functionalities, which could compromise the integrity of the system. It is essential for users to apply available patches and updates to their affected products to mitigate potential risks associated with this vulnerability. For more details, refer to the Citrix support documentation.",Citrix,"Citrix Adc, Citrix Gateway, Citrix Sdwan Wan-op",8.8,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2020-09-18T20:12:32.000Z,0
CVE-2020-8246,https://securityvulnerability.io/vulnerability/CVE-2020-8246,Denial of Service Vulnerability in Citrix ADC and Gateway Products,"Citrix ADC and Citrix Gateway products have a vulnerability that allows an attacker to execute a denial of service attack originating from the management network. This issue affects multiple versions of Citrix ADC, NetScaler Gateway, and Citrix SD-WAN WANOP, making them susceptible to disruptions that can impact service availability.",Citrix,"Citrix Adc, Citrix Gateway, Citrix Sdwan Wan-op",7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2020-09-18T20:12:26.000Z,0
CVE-2020-8245,https://securityvulnerability.io/vulnerability/CVE-2020-8245,Input Validation Flaw in Citrix ADC and Gateway Products,"An improper input validation vulnerability exists in Citrix ADC and Citrix Gateway products, specifically leading to potential HTML Injection attacks on the SSL VPN web portal. This flaw affects various versions of Citrix ADC and NetScaler Gateway, as well as Citrix SD-WAN WANOP products. Exploiting this vulnerability could allow an attacker to manipulate the web portal's behavior, leading to unauthorized actions and potentially compromising user data.",Citrix,"Citrix Adc, Citrix Gateway",6.1,MEDIUM,0.0007800000021234155,false,,false,false,false,,,false,false,,2020-09-18T20:12:07.000Z,0
CVE-2020-8197,https://securityvulnerability.io/vulnerability/CVE-2020-8197,Privilege Escalation in Citrix ADC and Gateway by Citrix,"A privilege escalation vulnerability exists in Citrix ADC and Citrix Gateway, allowing a low-privileged user with management access to execute arbitrary commands. This flaw affects multiple versions, potentially enabling unauthorized access to sensitive functions and configurations within the system.",Citrix,"Citrix Adc, Citrix Gateway",8.8,HIGH,0.001019999966956675,false,,false,false,false,,,false,false,,2020-07-10T15:40:09.000Z,0
CVE-2020-8196,https://securityvulnerability.io/vulnerability/CVE-2020-8196,Improper Access Control in Citrix ADC and Gateway,"This vulnerability is due to improper access control mechanisms in Citrix ADC and Citrix Gateway. It allows limited information disclosure to users with low privileges by exposing certain sensitive information. This affects a range of software versions, potentially compromising the security of user data and critical configurations within the affected systems.",Citrix,"Citrix Adc, Citrix Gateway, Citrix Sdwan Wan-op",4.3,MEDIUM,0.0036899999249726534,true,2021-11-03T00:00:00.000Z,false,false,true,2021-11-03T00:00:00.000Z,,false,false,,2020-07-10T15:39:54.000Z,0
CVE-2020-8195,https://securityvulnerability.io/vulnerability/CVE-2020-8195,Improper Input Validation in Citrix ADC and Gateway Software,"This vulnerability stems from improper input validation in Citrix ADC and Citrix Gateway, allowing low privileged users to potentially gain limited access to sensitive information. The affected versions span across multiple iterations of both Citrix ADC and various Citrix SDWAN releases. Organizations using these products should evaluate their current deployments against the affected versions and apply recommended patches to mitigate security risks.",Citrix,"Citrix Adc, Citrix Gateway, Citrix Sdwan Wan-op",6.5,MEDIUM,0.8536700010299683,true,2021-11-03T00:00:00.000Z,false,false,true,2021-11-03T00:00:00.000Z,,false,false,,2020-07-10T15:39:35.000Z,0
CVE-2020-8198,https://securityvulnerability.io/vulnerability/CVE-2020-8198,Stored Cross-Site Scripting in Citrix ADC and Gateway Products,"A vulnerability exists in Citrix ADC and Citrix Gateway that allows attackers to exploit improper input validation. This flaw could permit the injection of malicious scripts into web pages viewed by users, leading to stored cross-site scripting (XSS) attacks. Affected systems before specified versions may leak sensitive information or allow unauthorized actions under the context of an affected user. Mitigation measures should be implemented to safeguard against potential exploitation of this vulnerability.",Citrix,"Citrix Adc, Citrix Gateway, Citrix Sdwan Wan-op",6.1,MEDIUM,0.0007800000021234155,false,,false,false,false,,,false,false,,2020-07-10T15:39:14.000Z,0
CVE-2020-8194,https://securityvulnerability.io/vulnerability/CVE-2020-8194,Reflected Code Injection Vulnerability in Citrix ADC and Citrix Gateway,"A reflected code injection vulnerability exists in Citrix ADC and Citrix Gateway versions earlier than 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14, and 10.5-70.18, as well as in Citrix SDWAN WAN-OP versions prior to 11.1.1a, 11.0.3d, and 10.2.7. This vulnerability can be exploited to alter file downloads, potentially leading to unauthorized access and sensitive data exposure.",Citrix,"Citrix Adc, Citrix Gateway, Citrix Sdwan Wan-op",6.5,MEDIUM,0.9706599712371826,false,,false,false,false,,,false,false,,2020-07-10T15:38:54.000Z,0
CVE-2020-8193,https://securityvulnerability.io/vulnerability/CVE-2020-8193,Unauthenticated Access in Citrix ADC and Citrix Gateway Products,"Improper access control in multiple versions of Citrix ADC and Citrix Gateway, as well as Citrix SDWAN WAN-OP, allows unauthenticated users to access sensitive URL endpoints. This vulnerability may expose critical functionalities, compromising the security of affected installations. It is crucial for organizations using these products to apply the necessary updates to mitigate potential risks.",Citrix,"Citrix Adc, Citrix Gateway, Citrix Sdwan Wan-op",6.5,MEDIUM,0.9686400294303894,true,2021-11-03T00:00:00.000Z,false,false,true,2020-07-15T14:43:03.000Z,true,false,false,,2020-07-10T15:38:28.000Z,0
CVE-2020-8191,https://securityvulnerability.io/vulnerability/CVE-2020-8191,Cross-Site Scripting Vulnerability in Citrix ADC and Gateway,"An improper input validation issue in Citrix ADC and Citrix Gateway, as well as Citrix SDWAN WAN-OP, can lead to reflected cross-site scripting (XSS) vulnerabilities. This allows an attacker to inject malicious scripts into web pages viewed by users. Exploiting this vulnerability could result in unauthorized actions being taken on behalf of users or the exfiltration of sensitive data.",Citrix,"Citrix Adc, Citrix Gateway, Citrix Sdwan Wan-op",6.1,MEDIUM,0.004230000078678131,false,,false,false,false,,,false,false,,2020-07-10T15:38:10.000Z,0
CVE-2020-8187,https://securityvulnerability.io/vulnerability/CVE-2020-8187,Denial of Service Vulnerability in Citrix ADC and Gateway,"Improper input validation in Citrix ADC and Citrix Gateway prior to specified versions can enable unauthenticated attackers to exploit this vulnerability, leading to a denial of service condition. This loophole allows unauthorized users to disrupt services and affect performance, posing significant risk to organizations relying on Citrix solutions.",Citrix,"Citrix Adc, Citrix Gateway",7.5,HIGH,0.0010999999940395355,false,,false,false,false,,,false,false,,2020-07-10T15:35:56.000Z,0
CVE-2020-8190,https://securityvulnerability.io/vulnerability/CVE-2020-8190,Privilege Escalation Vulnerability in Citrix ADC and Citrix Gateway,"Incorrect file permissions in Citrix ADC and Citrix Gateway prior to specified versions enable unauthorized users to escalate privileges. This flaw allows attackers to gain elevated access to sensitive functions and data, potentially leading to significant security breaches. Entities using affected versions should apply the latest updates promptly to ensure their systems remain secure from exploitation.",Citrix,"Citrix Adc, Citrix Gateway",7.5,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2020-07-10T15:32:34.000Z,0