CVE-2020-8193

Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an authorization bypass vulnerability that may allow unauthenticated access to certain URL endpoints. The attacker must have access to the NetScaler IP (NSIP) in order to perform exploitation. Vendor/Product: Citrix Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance. Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.