SB2022110892 - Multiple vulnerabilities in Citrix Gateway and Citrix ADC
Published: November 8, 2022
Description
This security bulletin contains information about 3 security vulnerabilities.
1) Improper Authentication (CVE-ID: CVE-2022-27510)
The vulnerability allows a remote attacker to bypass the authentication process.
The vulnerability exists due to an error in the authentication process when the appliance is configured as a VPN (Gateway). A remote, unauthenticated attacker can bypass the authentication process and gain unauthorized access to Gateway user capabilities.
2) Insufficient verification of data authenticity (CVE-ID: CVE-2022-27513)
The vulnerability allows a remote attacker to perform a spoofing attack.
The vulnerability exists due to insufficient verification of data authenticity within the RDP proxy. A remote attacker can gain control over users' RDP sessions via a phishing attack.
Successful exploitation of the vulnerability requires the appliance to be configured as a VPN (Gateway) and RDP proxy. The attacker also needs initial access to the network via the SSL-VPN gateway.
3) Protection Mechanism Failure (CVE-ID: CVE-2022-27516)
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to an incorrect implementation of the "Max Login Attempts" feature within the VPN (Gateway) and AAA virtual server. An attacker can bypass the implemented security restrictions and perform a brute-force attack.
Remediation
Install the update from the vendor's website.