How to Patch the 3 New Critical Vulnerabilities in Citrix ADC and Gateway Products

Citrix published a Security Bulletin on 8th Nov 2022 in which it disclosed 3 new critical vulnerabilities in Citrix ADC and Gateway Products. All three tracked under the identifiers CVE-2022-27510, CVE-2022-27513, and CVE-2022-27516 are rated Critical with CVSS scores from 9.8 to 9.6. The exploitation of these vulnerabilities would allow adversaries to gain authorized access, perform remote desktop takeover, and even bypass defenses against brute-force attempts in vulnerable versions of Citrix ADC and Gateway Products. It is highly recommended that organizations who use Citrix ADC and Gateway Products should patch the 3 new critical vulnerabilities in Citrix ADC and Gateway Products. Without further due, let’s see how to patch the 3 new critical vulnerabilities in Citrix ADC and Gateway products in this post.

A Short Note About Citrix ADC and Gateway Products:

Citrix ADC:

Citrix ADC is a line of products that provide secure application and desktop delivery, networking, and cloud services. It was formerly known as NetScaler ADC.

Citrix ADC provides a complete application delivery infrastructure for on-premises, hybrid, and cloud deployments. It offers industry-leading load balancing, traffic management, and security capabilities that enable organizations to ensure optimal application performance and security.

Citrix ADC is available in a variety of form factors, including hardware appliances, virtual appliances, and cloud services. It is backed by a comprehensive set of features and services that provide users with a complete application delivery experience.

Citrix Gateway:

Citrix Gateway provides secure remote access to internal resources, applications, and data. It uses SSL and IPSec VPN technologies to create a secure connection between users and corporate networks. Citrix Gateway can be used to connect to on-premises resources, such as email servers, file servers, and databases. It can also be used to connect to cloud-based resources, such as SaaS applications and IaaS platforms. Citrix Gateway is a key component of the Citrix NetScaler platform, which also includes Citrix ADC (Application Delivery Controller) and Citrix SD-WAN (Software-Defined WAN).

Summary of 3 New Critical Vulnerabilities in Citrix ADC and Gateway Products:

As per the advisory released by Citrix, there are three vulnerabilities identified in Citrix ADC and Gateway Products. All three tracked under the identifiers CVE-2022-27510, CVE-2022-27513, and CVE-2022-27516 are rated Critical with CVSS scores of 9.8, 9.6, and 9.8 out of 10, respectively.

CVE ID Description CVSS Score CVSS Vector
CVE-2022-27510 Unauthorized access to Gateway user capabilities  9.8 Critical CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-27513 Remote desktop takeover via phishing  9.6 Critical CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVE-2022-27516 User login brute force protection functionality bypass  9.8 Critical CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-27510

This is an unauthorized access critical vulnerability with a CVSS score of 9.8, which could be abused to gain unauthorized access. To exploit the vulnerability, the appliance must be configured as a VPN Gateway.

CVE-2022-27513

This is an unauthorized access critical vulnerability with a CVSS score of 9.6, which could be abused to take RDP sessions via social engineering attacks like Phishing. It’s been said that this is due to insufficient verification of data authenticity. To exploit this vulnerability, the appliance must be configured as a VPN Gateway with the RDP proxy functionality enabled on the appliance.

CVE-2022-27516

This is a user login brute-force protection functionality bypass vulnerability with a CVSS score of 9.8, which could be abused to bypass defenses against brute-force login attempts. It’s been said that this is due to Protection Mechanism Failure. To exploit the vulnerability, the appliance must be configured either as a VPN Gateway or an AAA virtual server with the user lockout functionality value set “Max Login Attempts” on the appliance.

Citrix Products Affected by These Vulnerabilities

According to Jarosław Jahrek Kamiński, a security researcher at Securitum, a Polish penetration testing firm, the following versions of Citrix ADC and Citrix Gateway are affected by these three vulnerabilities.

  • Citrix ADC and Citrix Gateway 13.1 before 13.1-33.47 
  • Citrix ADC and Citrix Gateway 13.0 before 13.0-88.12 
  • Citrix ADC and Citrix Gateway 12.1 before 12.1.65.21
  • Citrix ADC 12.1-FIPS before 12.1-55.289 
  • Citrix ADC 12.1-NDcPP before 12.1-55.289 

Note: These flaws affect only on-premises physical or virtual appliances. Cloud services are completely safe from these flaws. Organizations using Citrix-managed cloud services do not need to take any action.

How to Patch the 3 New Critical Vulnerabilities in Citrix ADC and Gateway Products?

Citrix has released patched versions to address these vulnerabilities. We recommend installing the relevant updated versions of Citrix ADC or Citrix Gateway as soon as possible. Please download the latest versions of Citrix ADC and Citrix Gateway to apply the patches.

Patched versions of Citrix ADC and Gateway Products:

  • Citrix ADC and Citrix Gateway 13.1-33.47 and later releases 
  • Citrix ADC and Citrix Gateway 13.0-88.12 and later releases of 13.0 
  • Citrix ADC and Citrix Gateway 12.1-65.21 and later releases of 12.1 
  • Citrix ADC 12.1-FIPS 12.1-55.289 and later releases of 12.1-FIPS 
  • Citrix ADC 12.1-NDcPP 12.1-55.289 and later releases of 12.1-NDcPP 

Note: Citrix ADC and Citrix Gateway versions prior to 12.1 are declared the end of life. No updates are released to these versions. Organizations using these obsolete versions are suggested to move to one of the supported versions. If you feel you need more support on this issue, please contact Citrix Technical Support.

How To Upgrade Citirx ADC?

There are different ways to upgrade Citrix ADC appliance. Please take a look at those here:

How to Patch the 3 New Critical Vulnerabilities in Citrix ADC and Gateway Products

How To Upgrade Citirx Gateway?

There are different ways to upgrade Citrix Gateway appliance. Please take a look at those here:

How to Patch the 3 New Critical Vulnerabilities in Citrix ADC and Gateway Products
How to Patch the 3 New Critical Vulnerabilities in Citrix ADC and Gateway Products
How to Patch the 3 New Critical Vulnerabilities in Citrix ADC and Gateway Products

We hope this post will help you know how to patch the 3 new critical vulnerabilities in Citrix ADC and Gateway products. Please share this post and help to secure the digital world. Visit our social media page on FacebookLinkedInTwitterTelegramTumblr, & Medium and subscribe to receive updates like this. 

原创文章,作者:ItWorker,如若转载,请注明出处:https://blog.ytso.com/293139.html

(0)
上一篇 2022年11月17日
下一篇 2022年11月17日

相关推荐

发表回复

登录后才能评论