Citrix Security has discovered a vulnerability in Citrix ADC (formerly Netscaler) and Citrix Gateway, enabling an attacker to create a specially crafted URL redirecting to a malicious website. Citrix and OneNeck highly recommend that all customers utilizing these Citrix services take note of this vulnerability and determine if they are among those who may be affected.
The vulnerability (CVE-2022-27509, classified as CWE-345) is an unauthorized redirection to a malicious website. Two pre-conditions must both hold for an appliance to be exploitable: it must be configured and operating as a VPN (Gateway) or AAA virtual server, and the targeted victim must open an attacker-crafted link.
According to Citrix, the following supported versions of Citrix ADC and Citrix Gateway have been affected by this vulnerability:
- Citrix ADC and Citrix Gateway 13.1 before 13.1-24.38
- Citrix ADC and Citrix Gateway 13.0 before 13.0-86.17
- Citrix ADC and Citrix Gateway 12.1 before 12.1-65.15
- Citrix ADC 12.1-FIPS before 12.1-55.282
- Citrix ADC 12.1-NDcPP before 12.1-55.282
It is important to note that organizations using Citrix-managed cloud services are not affected by this vulnerability and do not need to take additional action. However, those with customer-managed ADC and Gateway appliances should take the following steps.
Citrix recommends that customers running an affected version, or who could become affected, install the relevant updated version of Citrix ADC or Citrix Gateway:
- Citrix ADC and Citrix Gateway 13.1-24.38 and later releases
- Citrix ADC and Citrix Gateway 13.0-86.17 and later releases of 13.0
- Citrix ADC and Citrix Gateway 12.1-65.15 and later releases of 12.1
- Citrix ADC 12.1-FIPS 12.1-55.282 and later releases of 12.1-FIPS
- Citrix ADC 12.1-NDcPP 12.1-55.282 and later releases of 12.1-NDcPP
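The two version lists above are easiest to apply across a fleet as a small triage script. The following is an added example, not code from Citrix or OneNeck: it parses the `major.minor-build.sub` version format shown in the advisory, compares each appliance's build against the first fixed build for its branch (treating 12.1-FIPS and 12.1-NDcPP as separate branches), and uses the VPN/AAA pre-condition to separate exposed appliances from unpatched-but-not-exposed ones. The inventory entries, appliance names and version strings in `SAMPLE_INVENTORY` are constructed for illustration.

```python
import re
from typing import Dict, List, Optional, Tuple

# First fixed build per branch, taken from the advisory's list of updated releases.
# Key: (major.minor branch, variant) -> (build, sub-build) of the first fixed release.
FIXED_BUILDS: Dict[Tuple[str, str], Tuple[int, int]] = {
    ("13.1", ""): (24, 38),
    ("13.0", ""): (86, 17),
    ("12.1", ""): (65, 15),
    ("12.1", "FIPS"): (55, 282),
    ("12.1", "NDcPP"): (55, 282),
}

# Citrix ADC/Gateway versions look like "13.1-24.38": branch "13.1", build 24, sub-build 38.
_VERSION_RE = re.compile(r"^(\d+\.\d+)-(\d+)\.(\d+)$")


def parse_version(version: str) -> Tuple[str, int, int]:
    """Split a version string into (branch, build, sub_build); reject unexpected input."""
    match = _VERSION_RE.match(version.strip())
    if not match:
        raise ValueError(f"unrecognised Citrix ADC/Gateway version: {version!r}")
    return match.group(1), int(match.group(2)), int(match.group(3))


def is_vulnerable_build(version: str, variant: str = "") -> Optional[bool]:
    """True if the build predates the fix for its branch, False if it is at or past
    the fix, None if the branch/variant is not covered by the advisory's list."""
    branch, build, sub_build = parse_version(version)
    fixed = FIXED_BUILDS.get((branch, variant))
    if fixed is None:
        return None
    # Builds compare lexicographically on (build, sub-build), e.g. (85, 19) < (86, 17).
    return (build, sub_build) < fixed


# Constructed inventory: (appliance name, version, variant, serves VPN/AAA virtual server).
SAMPLE_INVENTORY = [
    ("gw-edge-01", "13.1-24.37", "", True),       # one build short of the fix, exposed
    ("adc-lb-02", "13.0-85.19", "", False),       # unpatched, but no VPN/AAA vserver
    ("adc-fips-03", "12.1-55.282", "FIPS", True), # FIPS branch, exactly the fixed build
    ("gw-edge-04", "12.1-65.15", "", True),       # standard 12.1, exactly the fixed build
    ("adc-lab-05", "11.1-65.23", "", True),       # branch not listed in the advisory
]


def triage(inventory) -> Dict[str, List[str]]:
    """Group appliances by remediation priority.

    'exposed': vulnerable build AND serving a VPN/AAA vserver (both pre-conditions met).
    'unpatched_not_exposed': vulnerable build, but the vserver pre-condition is absent;
        still update, since configuration can change.
    'patched': build is at or beyond the fixed release for its branch.
    'not_listed': branch/variant not in the advisory; check Citrix for its support status.
    """
    result: Dict[str, List[str]] = {
        "exposed": [], "unpatched_not_exposed": [], "patched": [], "not_listed": [],
    }
    for name, version, variant, serves_vpn_or_aaa in inventory:
        vulnerable = is_vulnerable_build(version, variant)
        if vulnerable is None:
            result["not_listed"].append(name)
        elif not vulnerable:
            result["patched"].append(name)
        elif serves_vpn_or_aaa:
            result["exposed"].append(name)
        else:
            result["unpatched_not_exposed"].append(name)
    return result


if __name__ == "__main__":
    for bucket, names in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(names) or '-'}")
```

Note that a 12.1 appliance at 12.1-55.282 is only fixed on the FIPS and NDcPP branches; on standard 12.1 the fix is 12.1-65.15, so the variant must be recorded per appliance rather than inferred from the version number alone.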
OneNeck Can Help!
Based on the potential harm these vulnerabilities could cause an organization, OneNeck recommends installing updated versions immediately, and our experienced team is here to help. Through our long-standing partnership with Citrix, we will quickly and effectively assess your Citrix appliances and determine which units face the potential of being affected. We will install all necessary updates so that you can get back to doing what you do best, knowing that you and your clients are protected. So, please Contact Us or your account rep today and let us help you continue to run efficiently, effectively and securely.