CVE-2020-8299: 
NixOS vulnerability analysis and mitigation

Citrix ADC (Application Delivery Controller) and Citrix/NetScaler Gateway, along with Citrix SD-WAN WANOP Edition, were found to contain a medium severity vulnerability tracked as CVE-2020-8299. The vulnerability affects multiple versions including ADC 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, ADC 12.1-FIPS before 12.1-55.238, and SD-WAN WANOP Edition before versions 11.4.0, 11.3.2, 11.3.1a, 11.2.3a, 11.1.2c, and 10.2.9a. The vulnerability was initially recorded on January 28, 2020 (MITRE CVE).

The vulnerability is characterized by uncontrolled resource consumption that can lead to a network-based denial-of-service condition. A crucial technical aspect of this vulnerability is that it can only be exploited from within the same Layer 2 network segment as the vulnerable appliance (MITRE CVE).

When successfully exploited, the vulnerability can result in a denial-of-service condition, potentially disrupting the availability of affected Citrix services. The impact is somewhat limited by the requirement that the attacker must be present on the same Layer 2 network segment as the vulnerable system (MITRE CVE).

Citrix has addressed this vulnerability by releasing security updates for affected products. The fix is included in versions 13.0-76.29, 12.1-61.18, 11.1-65.20 for Citrix ADC and Gateway, version 12.1-55.238 for Citrix ADC 12.1-FIPS, and versions 11.4.0, 11.3.2, 11.3.1a, 11.2.3a, 11.1.2c, 10.2.9a for SD-WAN WANOP Edition (Citrix Support).