Skip to main content

Citrix Products Multiple Vulnerabilities

Release Date: 10 Nov 2021 2968 Views

RISK: Medium Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

Multiple vulnerabilities were identified in Citrix Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition on the targeted system.


Impact

  • Denial of Service

System / Technologies affected

  • Citrix ADC and Citrix Gateway 13.0 before 13.0-83.27 
  • Citrix ADC and Citrix Gateway 12.1 before 12.1-63.22 
  • Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.23 
  • Citrix ADC 12.1-FIPS before 12.1-55.257
  • Citrix SD-WAN WANOP Edition 11.4 before 11.4.2 
  • Citrix SD-WAN WANOP Edition 10.2 before 10.2.9c 

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

 

  • The vendor has issued a fix:
    Citrix ADC and Citrix Gateway 13.1-4.43 and later releases of 13.1
    Citrix ADC and Citrix Gateway 13.0-83.27 and later releases of 13.0
    Citrix ADC and Citrix Gateway 12.1-63.22 and later releases of 12.1
    Citrix ADC and NetScaler Gateway 11.1-65.23 and later releases of 11.1
    Citrix ADC 12.1-FIPS 12.1-55.257 and later releases of 12.1-FIPS
    Citrix SD-WAN WANOP Edition 11.4.2 and later releases of 11.4
    Citrix SD-WAN WANOP Edition 10.2.9c and later releases of 10.2
  • In addition, upon upgrading to a fixed version, Citrix recommends customers must modify the device configuration to resolve CVE-2021-22956.
    Details please refer to: https://support.citrix.com/article/CTX331588

Vulnerability Identifier


Source


Related Link