SB2020030805 - Multiple vulnerabilities in Citrix Gateway

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2020030805

SB2020030805 - Multiple vulnerabilities in Citrix Gateway

Published: March 8, 2020 Updated: March 8, 2020

Security Bulletin ID SB2020030805
Severity
Medium
Patch available
NO
Number of vulnerabilities 3
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 33% Low 67%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2020-10110)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to some responses of the web based solution are handled with an included caching system. A remote attacker can gain unauthorized access to sensitive information stored in cache.


2) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2020-10112)

The vulnerability allows a remote attacker to perform cache poisoning attacks.

The vulnerability exists due to incorrect processing of HTTP requests that rely on HTTP parameter values. If a client is requesting a URL with parameter "value=A", the parameter will be processed and the response will be cached.  If another client is requesting the same URL but with a different parameter "value=B", the request will be answered with the initial response ("value=A") during the caching time (for 112 seconds).


3) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2020-10111)

The vulnerability allows a remote attacker to perform cache poising attacks.

The vulnerability exists due to incorrect processing of HTTP requests with different HTTP protocol versions. A remote attacker can send a specially crafted HTTP request and posing the HTTP cache.


Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References