CVE-2020-8200 - OpenCVE

Improper authentication in Citrix StoreFront Server < 1912.0.1000 allows an attacker who is authenticated on the same Microsoft Active Directory domain as a Citrix StoreFront server to read arbitrary files from that server.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Citrix	Storefront Server

Configuration 1 [-]

OR	cpe:2.3:a:citrix:storefront_server::::::::
	cpe:2.3:a:citrix:storefront_server:::::ltsr:::*
	cpe:2.3:a:citrix:storefront_server:::::ltsr:::*
	cpe:2.3:a:citrix:storefront_server:::::ltsr:::*

References

Link	Resource
https://support.citrix.com/article/CTX277455	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: hackerone

Published: 2020-09-18T20:13:00

Updated: 2020-09-18T20:13:00

Reserved: 2020-01-28T00:00:00

Link: CVE-2020-8200

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-09-18T21:15:12.827

Modified: 2020-10-07T10:57:39.587

Link: CVE-2020-8200

JSON object: View

Redhat Information

No data.

CWE

CWE-287

{"containers": {"cna": {"affected": [{"product": "Citrix StoreFront", "vendor": "n/a", "versions": [{"status": "affected", "version": "Citrix StoreFront 1912 CU1 (1912.0.1000), Citrix StoreFront 3.12 for 7.15 LTSR CU5 Hotfix (3.12.5001) and Citrix StoreFront 3.0 for 7.6 LTSR CU8 Hotfix (3.0.8001)"}]}], "descriptions": [{"lang": "en", "value": "Improper authentication in Citrix StoreFront Server < 1912.0.1000 allows an attacker who is authenticated on the same Microsoft Active Directory domain as a Citrix StoreFront server to read arbitrary files from that server."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "Improper Authentication - Generic (CWE-287)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-09-18T20:13:00", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.citrix.com/article/CTX277455"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "support@hackerone.com", "ID": "CVE-2020-8200", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Citrix StoreFront", "version": {"version_data": [{"version_value": "Citrix StoreFront 1912 CU1 (1912.0.1000), Citrix StoreFront 3.12 for 7.15 LTSR CU5 Hotfix (3.12.5001) and Citrix StoreFront 3.0 for 7.6 LTSR CU8 Hotfix (3.0.8001)"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Improper authentication in Citrix StoreFront Server < 1912.0.1000 allows an attacker who is authenticated on the same Microsoft Active Directory domain as a Citrix StoreFront server to read arbitrary files from that server."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper Authentication - Generic (CWE-287)"}]}]}, "references": {"reference_data": [{"name": "https://support.citrix.com/article/CTX277455", "refsource": "MISC", "url": "https://support.citrix.com/article/CTX277455"}]}}}}, "cveMetadata": {"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2020-8200", "datePublished": "2020-09-18T20:13:00", "dateReserved": "2020-01-28T00:00:00", "dateUpdated": "2020-09-18T20:13:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:citrix:storefront_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "1FA9A017-F874-442F-88EE-845BC261C984", "versionEndExcluding": "2006", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:storefront_server:*:*:*:*:ltsr:*:*:*", "matchCriteriaId": "708F920E-7EC8-44A0-9722-41EE95F753C8", "versionEndExcluding": "3.0.8001", "versionStartIncluding": "3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:storefront_server:*:*:*:*:ltsr:*:*:*", "matchCriteriaId": "DCFB4C56-A163-40E5-B705-560192D19290", "versionEndExcluding": "3.12.5001", "versionStartIncluding": "3.12", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:storefront_server:*:*:*:*:ltsr:*:*:*", "matchCriteriaId": "2A1FABF8-B828-42BA-9534-443058E04DB6", "versionEndExcluding": "1912.0.1000", "versionStartIncluding": "1912", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Improper authentication in Citrix StoreFront Server < 1912.0.1000 allows an attacker who is authenticated on the same Microsoft Active Directory domain as a Citrix StoreFront server to read arbitrary files from that server."}, {"lang": "es", "value": "Una autenticaci\u00f3n inapropiada en Citrix StoreFront Server versiones anteriores a 1912.0.1000, permite a un atacante que est\u00e1 autenticado en el mismo dominio del Microsoft Active Directory como un servidor Citrix StoreFront leer archivos arbitrarios de ese servidor"}], "id": "CVE-2020-8200", "lastModified": "2020-10-07T10:57:39.587", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-09-18T21:15:12.827", "references": [{"source": "support@hackerone.com", "tags": ["Vendor Advisory"], "url": "https://support.citrix.com/article/CTX277455"}], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-287"}], "source": "support@hackerone.com", "type": "Secondary"}]}