Do you want to switch the language?
IT security9. November 20221 min reading time

Citrix ADC / NetScaler and Citrix Gateway vulnerability

We would like to inform you about a current security issue with Citrix ADC / NetScaler and Citrix Gateway. Citrix has already provided an update to fix the vulnerability.

CVEs:

CVEScore
CVE-2022-27510Critical Severity
CVE-2022-27513High Severity
CVE-2022-27516Medium Severity

Risk:
Vulnerabilities have been discovered in Citrix Gateway and Citrix ADC, listed below. Note that only appliances that are operating as a Gateway (appliances using the SSL VPN functionality or deployed as an ICA proxy with authentication enabled) are affected by the first issue, which is rated as a Critical severity vulnerability.

Affected software versions

  • Citrix ADC and Citrix Gateway 13.1 before 13.1-33.47
  • Citrix ADC and Citrix Gateway 13.0 before 13.0-88.12
  • Citrix ADC and Citrix Gateway 12.1 before 12.1.65.21

If you are using one of the above versions in your Citrix ADC implementation, we recommend that you implement the corresponding update promptly in order to eliminate the risk of an attack by exploiting these vulnerabilities. For systems operated by partners, we recommend that you forward this information immediately.

Citrix recommends updating to one of the software versions listed below.

  • Citrix ADC and Citrix Gateway 13.1-33.47 and later releases
  • Citrix ADC and Citrix Gateway 13.0-88.12 and later releases of 13.0
  • Citrix ADC and Citrix Gateway 12.1-65.21 and later releases of 12.1

Note: All Citrix ADC and Citrix Gateway versions older than 12.1 are already End of Life (EOL) and it is recommended to update to one of the software versions listed above.

In environments managed by K-Businesscom (KBC), the appropriate strategy is determined by the responsible operations team after a quality check has been carried out. In this way, the risk for your company can be kept as low as possible.

Further details can be found in the following article:
https://support.citrix.com/article/CTX463706

If you need support in updating your environment, please click on the button below or contact your K-Businesscom contact person.

Our experienced Citrix System Engineers will be happy to assist you with the implementation.

Your K-Businesscom Team

Please helpPlease help
How may I help you?