TTCSIRT-321.07.08.20: TT-CSIRT ADVISORY - CITRIX MULTIPLE VULNERABILITIES
Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could result in a number of security issues including:
Attacks that are limited to the management interface:
- System compromise by an unauthenticated user on the management network.
- System compromise through Cross-Site Scripting (XSS) on the management interface.
- Creation of a download link for the device which, if downloaded and then executed by an unauthenticated user on the management network, may result in the compromise of their local computer.
Customers who have not enabled either the Gateway or Authentication virtual servers are not at risk from attacks that are applicable to those servers.
Other virtual servers, e.g. load balancing and content switching virtual servers, are not affected by these issues.
The Trinidad and Tobago Cyber Security Incident Response Team (TTCSIRT) encourages users and administrators to review and apply the necessary updates by visiting the following link, which also lists the vulnerability types, affected products, attacker privileges and pre-conditions: