Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
thnThe Hacker NewsTHN:3DB90E5606FC25B2252D1640CFD4CCF0
HistoryNov 10, 2022 - 10:26 a.m.

Citrix Issues Patches for Critical Flaw Affecting ADC and Gateway Products

2022-11-1010:26:00
The Hacker News
thehackernews.com
26
citrix
security update
adc
gateway
authentication bypass
cve-2022-27510
cve-2022-27513
cve-2022-27516
exploitation
vpn
aaa
rdp proxy
cloud services

0.002 Low

EPSS

Percentile

58.3%

JSON

Citrix

Citrix has released security updates to address a critical authentication bypass flaw in the application delivery controller (ADC) and Gateway products that could be exploited to take control of affected systems.

Successful exploitation of the issues could enable an adversary to gain authorized access, perform remote desktop takeover, and even circumvent defenses against login brute-force attempts under specific configurations.

  • CVE-2022-27510 - Unauthorized access to Gateway user capabilities
  • CVE-2022-27513 - Remote desktop takeover via phishing
  • CVE-2022-27516 - User login brute-force protection functionality bypass

The following supported versions of Citrix ADC and Citrix Gateway are affected by the flaws -

  • Citrix ADC and Citrix Gateway 13.1 before 13.1-33.47
  • Citrix ADC and Citrix Gateway 13.0 before 13.0-88.12
  • Citrix ADC and Citrix Gateway 12.1 before 12.1.65.21
  • Citrix ADC 12.1-FIPS before 12.1-55.289
  • Citrix ADC 12.1-NDcPP before 12.1-55.289

Exploitation, however, banks on the prerequisite that the appliances are either configured as a VPN (Gateway) or, alternatively, an authentication, authorization and accounting (AAA) virtual server in the case of CVE-2022-27516.

One top of that, CVE-2022-27513 and CVE-2022-27516 also apply only when the RDP proxy feature and the user lockout functionality β€œMax Login Attempts” are set up, respectively.

The cloud computing and virtualization technology company said that no action is required from customers relying on cloud services managed directly by Citrix.

JarosΕ‚aw Jahrek KamiΕ„ski, a researcher at Polish penetration testing firm Securitum, has been credited with discovering and reporting the vulnerabilities.

β€œAffected customers of Citrix ADC and Citrix Gateway are recommended to install the relevant updated versions of Citrix ADC or Citrix Gateway as soon as possible,” Citrix said in an advisory.

Found this article interesting? Follow THN on Facebook, Twitter ο‚™ and LinkedIn to read more exclusive content we post.

Related

nessus 1
rapid7blog 1
citrix 1
cve 3
cvelist 3
nvd 3
prion 3
thn 1
nessus
nessus
Citrix ADC and Citrix Gateway 12.1.x < 12.1-65.21 / 13.0.x < 13.0-88.12 / 13.1.x < 13.1-33.47 Multiple Vulnerabilities (CTX463706)
2022-11-09 00:00:00
rapid7blog
rapid7blog
CVE-2022-27510: Critical Citrix ADC and Gateway Remote Authentication Bypass Vulnerabilities
2022-11-15 15:37:03
citrix
citrix
Citrix Gateway and Citrix ADC Security Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516
2022-11-08 08:49:57
cve
cve
CVE-2022-27510
2022-11-08 22:15:13
CVE-2022-27513
2022-11-08 22:15:13
CVE-2022-27516
2022-11-08 22:15:13
cvelist
cvelist
CVE-2022-27510 Unauthorized access to Gateway user capabilities
2022-11-08 21:26:10
CVE-2022-27513 Remote desktop takeover via phishing
2022-11-08 21:26:08
CVE-2022-27516 User login brute force protection functionality bypass
2022-11-08 21:26:12
nvd
nvd
CVE-2022-27510
2022-11-08 22:15:13
CVE-2022-27513
2022-11-08 22:15:13
CVE-2022-27516
2022-11-08 22:15:13
prion
prion
Remote file inclusion
2022-11-08 22:15:00
Security feature bypass
2022-11-08 22:15:00
Code injection
2022-11-08 22:15:00
thn
thn
Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities
2022-12-29 09:43:00

0.002 Low

EPSS

Percentile

58.3%

JSON
Related for THN:3DB90E5606FC25B2252D1640CFD4CCF0
nessus1rapid7blog1citrix1cve3cvelist3nvd3prion3thn1