mickmick.net

Citrix Products Denial of Service Vulnerabilities

Release Date: 26 May 2022

RISK: Medium Risk

TYPE: Servers - Other Servers

Multiple vulnerabilities were identified in Citrix Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition on the targeted system.

---

Impact

• Denial of Service

---

System / Technologies affected

• Citrix ADC and Citrix Gateway 13.1 before 13.1-21.50
• Citrix ADC and Citrix Gateway 13.0 before 13.0-85.19
• Citrix ADC and Citrix Gateway 12.1 before 12.1-64.17
• Citrix ADC 12.1-FIPS before 12.1-55.278
• Citrix ADC 12.1-NDcPP before 12.1-55.278

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

• https://support.citrix.com/article/CTX457048

---

Vulnerability Identifier

• CVE-2022-27507
• CVE-2022-27508

---

Source

• AusCERT
• Citrix

---

Related Link

• https://www.auscert.org.au/bulletins/ESB-2022.2571
• https://support.citrix.com/article/CTX457048