CVE-2022-27518 - Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability

CVE-2022-27518: Citrix | Application Delivery Controller (ADC) and Gateway

Date Added:
2022-12-13

Due Date:
2023-01-03

Vulnerability Name: Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability

Description: Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an authentication bypass vulnerability that allows an attacker to execute code as administrator.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply updates per vendor instructions.

Additional Notes: https://www.citrix.com/blogs/2022/12/13/critical-security-update-now-available-for-citrix-adc-citrix-gateway/; https://nvd.nist.gov/vuln/detail/CVE-2022-27518

Related News Articles: State hackers turn to massive ORB proxy networks to evade detectionMay 23, 2024

Free security scan for your website

Don't show website scan report rating on the leaderboard