March 26, 2023

Citrix is urging customers to install security updates to address a critical authentication bypass issue in Citrix ADC and Citrix Gateway.

The company addressed the following three vulnerabilities:

| CVE-ID | Description | CWE | Affected Products | Pre-conditions |
|---|---|---|---|---|
| CVE-2022-27510 | Unauthorized access to Gateway user capabilities | CWE-288: Authentication Bypass Using an Alternate Path or Channel | Citrix Gateway, Citrix ADC | Appliance must be configured as a VPN (Gateway) |
| CVE-2022-27513 | Remote desktop takeover via phishing | CWE-345: Insufficient Verification of Data Authenticity | Citrix Gateway, Citrix ADC | Appliance must be configured as a VPN (Gateway) and the RDP proxy functionality must be configured |
| CVE-2022-27516 | User login brute force protection functionality bypass | CWE-693: Protection Mechanism Failure | Citrix Gateway, Citrix ADC | Appliance must be configured as a VPN (Gateway) OR AAA virtual server, and the user lockout functionality “Max Login Attempts” must be configured |

The vendor recommends installing the relevant updated versions as soon as possible: 

  • Citrix ADC and Citrix Gateway 13.1-33.47 and later releases 
  • Citrix ADC and Citrix Gateway 13.0-88.12 and later releases of 13.0  
  • Citrix ADC and Citrix Gateway 12.1-65.21 and later releases of 12.1  
  • Citrix ADC 12.1-FIPS 12.1-55.289 and later releases of 12.1-FIPS  
  • Citrix ADC 12.1-NDcPP 12.1-55.289 and later releases of 12.1-NDcPP 

The company highlights that ADC and Gateway versions prior to 12.1 are EOL and recommends customers on those versions upgrade to one of the supported versions. 
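For a fleet of appliances, the useful question is not "is there an advisory" but "does this particular build, on this particular edition, still need the update, and which of the three issues does the configuration actually expose?" The helper below is an added illustration written for this post; it is not Citrix tooling. It assumes (these are not stated in the advisory) that build strings are written as `<major>.<minor>-<build>.<sub>` like `13.1-33.47`, that the edition is passed separately as `standard`, `FIPS` or `NDcPP`, and that the deployment facts behind the pre-conditions are already known and supplied as booleans. The fixed builds and the EOL boundary are the ones listed above.

```python
"""Patch-state and exposure triage for the Citrix ADC / Gateway advisory above.

Added illustration, not Citrix's own code. Assumptions (not in the advisory):
version strings look like "13.1-33.47"; the edition is given separately as
"standard", "FIPS" or "NDcPP"; deployment facts arrive as booleans.
"""
from dataclasses import dataclass
from typing import List, Tuple

# First fixed build per (release branch, edition), taken from the advisory.
FIXED_BUILDS = {
    ("13.1", "standard"): (33, 47),
    ("13.0", "standard"): (88, 12),
    ("12.1", "standard"): (65, 21),
    ("12.1", "FIPS"): (55, 289),
    ("12.1", "NDcPP"): (55, 289),
}

# Branches older than 12.1 are end-of-life: there is no fixed build to reach.
OLDEST_SUPPORTED = (12, 1)


def parse_version(version: str) -> Tuple[Tuple[int, int], Tuple[int, int]]:
    """Split "13.1-33.47" into ((13, 1), (33, 47)); reject anything else."""
    release, sep, build = version.strip().partition("-")
    if not sep:
        raise ValueError(f"missing '-' in version {version!r}")
    rel = tuple(int(x) for x in release.split("."))
    bld = tuple(int(x) for x in build.split("."))
    if len(rel) != 2 or len(bld) != 2:
        raise ValueError(f"unexpected version layout {version!r}")
    return rel, bld


def needs_update(version: str, edition: str = "standard") -> str:
    """Return "eol", "update" or "ok" for a build on the given edition."""
    rel, bld = parse_version(version)
    if rel < OLDEST_SUPPORTED:
        return "eol"  # no fix published for this branch; move to a supported one
    key = (f"{rel[0]}.{rel[1]}", edition)
    if key not in FIXED_BUILDS:
        raise ValueError(f"no fixed build known for release/edition {key}")
    # Compare (build, sub) as integers: 55.289 is newer than 55.30, which a
    # lexical string comparison would get wrong.
    return "ok" if bld >= FIXED_BUILDS[key] else "update"


@dataclass(frozen=True)
class Deployment:
    """Facts the advisory's pre-conditions depend on (hypothetical field names)."""
    gateway_vpn: bool = False         # appliance configured as a VPN (Gateway)
    rdp_proxy: bool = False           # RDP proxy functionality configured
    aaa_vserver: bool = False         # AAA virtual server configured
    max_login_attempts: bool = False  # "Max Login Attempts" lockout configured


def applicable_cves(d: Deployment) -> List[str]:
    """Map the advisory's pre-conditions onto one deployment."""
    cves = []
    if d.gateway_vpn:
        cves.append("CVE-2022-27510")
    if d.gateway_vpn and d.rdp_proxy:
        cves.append("CVE-2022-27513")
    if (d.gateway_vpn or d.aaa_vserver) and d.max_login_attempts:
        cves.append("CVE-2022-27516")
    return cves


def triage(version: str, edition: str, deployment: Deployment) -> Tuple[str, List[str]]:
    """Patch state plus the CVEs that still apply while the build is unpatched."""
    status = needs_update(version, edition)
    if status == "ok":
        return status, []
    return status, applicable_cves(deployment)


if __name__ == "__main__":
    # Constructed sample inventory, not real appliances.
    inventory = [
        ("gw-01", "13.1-33.46", "standard", Deployment(gateway_vpn=True, rdp_proxy=True)),
        ("gw-02", "12.1-55.289", "FIPS", Deployment(gateway_vpn=True)),
        ("lb-03", "12.1-55.289", "standard", Deployment(aaa_vserver=True, max_login_attempts=True)),
        ("old-04", "12.0-63.13", "standard", Deployment(gateway_vpn=True)),
    ]
    for name, ver, ed, dep in inventory:
        print(name, ver, ed, *triage(ver, ed, dep))
```

Note the `lb-03` row: a 12.1 build at 55.289 is fixed on the FIPS and NDcPP lines but not on the standard line, where the first fixed build is 65.21, so the edition has to be carried alongside the build string or the check gives the wrong answer.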
