{"metadata": {"count": 1, "page": 1, "per_page": 100}, "data": [{"uuid": "8039ef46-f997-4b8e-8086-59737bb19dd6", "vulnerability": {"vulnId": "CVE-2020-8193", "altId": []}, "gcve": {"origin_uuid": "405284c2-e461-4670-8979-7fd2c9755a60", "object_uuid": "8039ef46-f997-4b8e-8086-59737bb19dd6"}, "status": {"exploited": true, "status_reason": "confirmed", "status_updated_at": "2021-11-03T00:00:00+00:00"}, "characteristics": {}, "timestamps": {"asserted_at": "2021-11-03T00:00:00Z", "recorded_at": "2026-02-02T13:24:01Z", "first_seen_at": "2021-11-03T00:00:00Z"}, "scope": {"notes": "KEV entry: Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability | Affected: Citrix / Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance | Description: Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an authorization bypass vulnerability that may allow unauthenticated access to certain URL endpoints. The attacker must have access to the NetScaler IP (NSIP) in order to perform exploitation. | Required action: Apply updates per vendor instructions. | Due date: 2022-05-03 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2020-8193"}, "evidence": [{"type": "vendor_report", "source": "cisa-kev", "signal": "successful_exploitation", "confidence": 0.8, "details": {"cwes": ["CWE-284"], "feed": "CISA Known Exploited Vulnerabilities Catalog", "product": "Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance", "due_date": "2022-05-03", "date_added": "2021-11-03", "vendorProject": "Citrix", "vulnerabilityName": "Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability", "knownRansomwareCampaignUse": "Unknown"}}], "references": [{"id": "CVE-2020-8193", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-8193"}]}]}