Citrix Addresses Auth bypass Flaws Affecting ADC and Gateway Products
Citrix Addresses Auth bypass Flaws Affecting ADC and Gateway Products
Threat Level
Vulnerability Report
For a detailed threat advisory, download the pdf file here
Summary
Citrix has addressed bugs in Citrix ADC and Citrix Gateway. A remote intruder could exploit either of these flaws to obtain control of a susceptible system. To successfully exploit the vulnerability in Gateway appliances, it must be configured as a VPN (Gateway) and RDP proxy. Additionally, the adversary needs to have initial network access via an SSL-VPN gateway.