
Cloud Vulnerability DB
A community-led vulnerabilities database
Citrix ShareFile storage zones controllers were affected by a critical vulnerability, CVE-2020-7473, disclosed in May 2020. It affected customer-managed, on-premises storage zones controllers, the component that keeps corporate ShareFile data behind the customer's own firewall. The affected releases were ShareFile storage zones Controller 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0 and earlier (Bleeping Computer, Hacker News).
CVE-2020-7473 was one of three flaws fixed together (with CVE-2020-8982 and CVE-2020-8983) that could let an unauthenticated attacker compromise the storage zones controller. Early community analysis reported by The Hacker News placed at least one of the flaws in an outdated copy of the ASP.NET AJAX Control Toolkit (AjaxControlToolkit) shipped with the controller, a library with known directory traversal and remote code execution bugs. The same report circulated a quick test: request https://yoursharefileserver.companyname.com/UploadTest.aspx on the controller, and if the page comes back blank the installation is vulnerable. That is a community heuristic rather than Citrix's own check; the authoritative test is the installed controller version against the fixed releases in the Citrix advisory (Hacker News).
If exploited, the flaws would let an unauthenticated attacker read ShareFile documents and folders stored in the customer's environment. The exposure was significant: roughly 2,800 Citrix ShareFile storage zones controllers were reachable from the Internet according to Shodan, so any of them that had not yet been patched were directly attackable (Bleeping Computer).
Citrix fixed the flaws in storage zones Controller 5.10.0, 5.9.1, 5.8.1, 5.7.1, 5.6.1 and 5.5.1. It also published a mitigation tool, to be run on the primary storage zones controller first and then on each secondary controller. ShareFile storage zones controllers hosted and managed by Citrix required no customer action, since Citrix had already applied the fixes (Hacker News).
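As an added triage example (not code from this page, from Citrix, or from the cited articles), the Python below turns the two facts above into checks a defender can run over an inventory: it compares an installed storage zones Controller version against the fixed releases Citrix listed (5.10.0, 5.9.1, 5.8.1, 5.7.1, 5.6.1, 5.5.1), and it classifies a captured HTTP response to the community's UploadTest.aspx probe. The hostnames, versions and responses in SAMPLE_INVENTORY are constructed; the labels "likely vulnerable", "not exposed" and "inconclusive", the treatment of 401/403/404 as "not exposed", and the handling of branches older than 5.5 (no fixed build, so treated as unpatched) are this example's own assumptions, not Citrix's.

```python
"""
Triage helper for the Citrix ShareFile storage zones controller flaws
(CVE-2020-7473, CVE-2020-8982, CVE-2020-8983).  Added example, not vendor code.

  is_patched()                   installed version vs. Citrix's fixed releases
  classify_uploadtest_response() community "blank UploadTest.aspx" heuristic
  probe_uploadtest()             optional live fetch feeding the classifier
"""
import re
import ssl
import urllib.error
import urllib.request

# Lowest fixed release per 5.x branch, as listed by Citrix.  Branches older than
# 5.5 received no fixed build (mitigation tool only) and are treated as unpatched.
FIXED_BY_BRANCH = {
    (5, 5): (5, 5, 1),
    (5, 6): (5, 6, 1),
    (5, 7): (5, 7, 1),
    (5, 8): (5, 8, 1),
    (5, 9): (5, 9, 1),
    (5, 10): (5, 10, 0),
}
FIRST_CLEAN_BRANCH = (5, 10)  # assumption: every branch after 5.10 shipped fixed

VERSION_RE = re.compile(r"^\d+(\.\d+){1,3}$")


def parse_version(text: str) -> tuple:
    """Turn '5.9.1' into (5, 9, 1), padded to three components so tuples compare."""
    text = text.strip()
    if not VERSION_RE.match(text):
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in text.split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_patched(version: str) -> bool:
    """True when the installed version is at or above the fixed release for its branch."""
    v = parse_version(version)
    branch = v[:2]
    if branch in FIXED_BY_BRANCH:
        return v >= FIXED_BY_BRANCH[branch]
    # Unlisted branch: older than 5.5 never got a fixed build; newer than 5.10 post-dates the fix.
    return branch > FIRST_CLEAN_BRANCH


def classify_uploadtest_response(status: int, body: str) -> str:
    """
    Community heuristic from May 2020: an unpatched controller answered
    /UploadTest.aspx with HTTP 200 and an empty body.  The three labels and the
    choice of 401/403/404 as "not exposed" are this example's assumptions.
    """
    if status == 200 and body.strip() == "":
        return "likely vulnerable"
    if status in (401, 403, 404):
        return "not exposed"
    return "inconclusive"


def probe_uploadtest(hostname: str, timeout: float = 5.0, verify_tls: bool = True) -> tuple:
    """Fetch https://<hostname>/UploadTest.aspx and return (status, body) for the classifier."""
    context = ssl.create_default_context()
    if not verify_tls:  # self-signed lab controllers only; never the default
        context.check_hostname = False
        context.verify_mode = ssl.CERT_NONE
    req = urllib.request.Request(f"https://{hostname}/UploadTest.aspx",
                                 headers={"User-Agent": "szc-triage/0.1"})
    try:
        with urllib.request.urlopen(req, timeout=timeout, context=context) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as exc:
        return exc.code, exc.read().decode("utf-8", "replace")


def triage(inventory: list) -> list:
    """Combine both signals per (hostname, version, status, body) record."""
    results = []
    for host, version, status, body in inventory:
        patched = is_patched(version)
        heuristic = classify_uploadtest_response(status, body)
        if not patched:
            verdict = "PATCH NOW"        # version is authoritative
        elif heuristic == "likely vulnerable":
            verdict = "INVESTIGATE"      # version says fixed, probe disagrees
        else:
            verdict = "OK"
        results.append({"host": host, "version": version, "patched": patched,
                        "heuristic": heuristic, "verdict": verdict})
    return results


# Constructed sample inventory: hostnames, versions and captured responses are made up.
SAMPLE_INVENTORY = [
    ("szc-primary.example.internal", "5.9.0", 200, ""),
    ("szc-secondary.example.internal", "5.9.1", 404, "<h1>Not Found</h1>"),
    ("szc-legacy.example.internal", "5.4.2", 200, "\r\n"),
    ("szc-new.example.internal", "5.10.0", 200, "<html>Upload test page</html>"),
]

if __name__ == "__main__":
    for row in triage(SAMPLE_INVENTORY):
        print(f"{row['host']:<32} {row['version']:<7} patched={row['patched']!s:<5} "
              f"{row['heuristic']:<18} {row['verdict']}")
```

Run as-is it triages the constructed inventory offline; to feed it live data, replace each record's status and body with the tuple returned by probe_uploadtest(), and only against controllers you are authorised to test. The version comparison is the signal to trust; the blank-page heuristic is kept as a secondary indicator because a controller whose version looks fixed but still serves a blank UploadTest.aspx deserves a closer look.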
The security community tracked the issue closely; Nate Warfield of the Microsoft Security Response Center drew attention to the severity of the flaws and to the number of exposed controllers. Citrix credited the Danske Bank Red-Team for collaborating with it to protect customers from the related vulnerabilities (Bleeping Computer).
Source: This report was generated using AI