citrix application_delivery_controller_firmware 未加控制的资源消耗（资源穷尽）

admin

0
文章

0
评论

2023-12-01 14:03:36 Ali_nvd 来源：ZONE.CI 全球网 0 阅读模式

citrix application_delivery_controller_firmware 未加控制的资源消耗（资源穷尽）

CVE编号

CVE-2020-8299

利用情况

暂无

补丁情况

N/A

披露时间

2021-06-16

漏洞描述

Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix SD-WAN WANOP Edition before 11.4.0, 11.3.2, 11.3.1a, 11.2.3a, 11.1.2c, 10.2.9a suffers from uncontrolled resource consumption by way of a network-based denial-of-service from within the same Layer 2 network segment. Note that the attacker must be in the same Layer 2 network segment as the vulnerable appliance.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
https://support.citrix.com/article/CTX297155

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	系统	citrix	application_delivery_controller_firmware	*	From (including) 11.1	Up to (excluding) 11.1-65.20
	运行在以下环境
	系统	citrix	application_delivery_controller_firmware	*	From (including) 12.1	Up to (excluding) 12.1-55.238
	运行在以下环境
	系统	citrix	application_delivery_controller_firmware	*	From (including) 12.1	Up to (excluding) 12.1-61.18
	运行在以下环境
	系统	citrix	application_delivery_controller_firmware	*	From (including) 13.0	Up to (excluding) 13.0-76.29
	运行在以下环境
	硬件	citrix	application_delivery_controller	-	-
	运行在以下环境
	硬件	citrix	mpx/sdx_14030_fips	-	-
	运行在以下环境
	硬件	citrix	mpx/sdx_14060_fips	-	-
	运行在以下环境
	硬件	citrix	mpx/sdx_14080_fips	-	-
	运行在以下环境
	硬件	citrix	mpx_15030-50g_fips	-	-
	运行在以下环境
	硬件	citrix	mpx_15040-50g_fips	-	-
	运行在以下环境
	硬件	citrix	mpx_15060-50g_fips	-	-
	运行在以下环境
	硬件	citrix	mpx_15080-50g_fips	-	-
	运行在以下环境
	硬件	citrix	mpx_15100-50g_fips	-	-
	运行在以下环境
	硬件	citrix	mpx_15120-50g_fips	-	-
	运行在以下环境
	硬件	citrix	mpx_8905_fips	-	-
	运行在以下环境
	硬件	citrix	mpx_8910_fips	-	-
	运行在以下环境
	硬件	citrix	mpx_8920_fips	-	-