Citrix Addresses Auth bypass Flaws Affecting ADC and Gateway Products

Threat Advisories

Citrix Addresses Auth bypass Flaws Affecting ADC and Gateway Products

Threat Level
Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

Citrix has addressed bugs in Citrix ADC and Citrix Gateway. A remote intruder could exploit either of these flaws to obtain control of a susceptible system. To successfully exploit the vulnerability in Gateway appliances, it must be configured as a VPN (Gateway) and RDP proxy. Additionally, the adversary needs to have initial network access via an SSL-VPN gateway.