logo

CVE-2022-27518 - Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability

CVE-2022-27518

Citrix | Application Delivery Controller (ADC) and Gateway

  • Date Added:
  • 2022-12-13
  • Due Date:
  • 2023-01-03
Vulnerability Name

Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability

Description

Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an authentication bypass vulnerability that allows an attacker to execute code as administrator.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes
https://www.citrix.com/blogs/2022/12/13/critical-security-update-now-available-for-citrix-adc-citrix-gateway/; https://nvd.nist.gov/vuln/detail/CVE-2022-27518
Related News Articles

Free security scan for your website