CitrixADC-CVE-2020-8300 Script

C

Following on from my previous blog about the latest Citrix ADC CVEs I’ve created a very quick and dirty script to query the Citrix ADC NITRO API and look for SAML actions and SAML iDP Profiles vulnerable to CVE-2020-8300.

If this proves useful to anyone I will develop further with the following functionality:

  • Identify bindings for SAML Actions and SAML iDP Profiles to identify if and where they are in use
  • Detect vulnerable firmware versions by seeing if the relaystaterule and acsurlrule parameters can be

stuartcarroll/CitrixADC-CVE-2020-8300: Detect Citrix ADC SAML action or SAML iDP Profile config vulnerable to CVE-2020-8300 using Citrix ADC NITRO API (github.com)

Detect Citrix ADC SAML action or SAML iDP Profile config vulnerable to CVE-2020-8300 using Citrix ADC NITRO API

image

EXAMPLE & ‘.\CitrixADC-CVE-2020-8300.ps1’ -NSIPProtocol http -NSIP 10.10.10.10 -user nitro -pass “SshhhItsASecret”

About the author

Stu Carroll

Citrix CTA & Director of Enterprise Technologies @ Coffee Cup Solutions

By Stu Carroll

Stu Carroll

Citrix CTA & Director of Enterprise Technologies @ Coffee Cup Solutions

Get in touch

Need help? Get in touch

Secured By miniOrange