Citrix Application Delivery and Management (Citrix ADM) is a web-based solution for managing all Citrix deployments that include Citrix ADC MPX, Citrix ADC VPX, Citrix ADC SDX, Citrix ADC CPX, Citrix ADC BLX, Citrix Gateway, and Citrix Secure Web Gateway that are deployed on-premises or on the cloud.
You can use Citrix ADM to manage, monitor, and troubleshoot the entire global application delivery infrastructure from a single, unified, and centralized cloud-based console. Citrix ADM provides all the capabilities required to quickly set up, deploy, and manage application delivery in Citrix ADC deployments, with rich analytics of application health, performance, and security.

Multiple vulnerabilities have been discovered in Citrix ADM. The most severe of these vulnerabilities could allow an unauthenticated attacker to reset the administrator password.

Vulnerabilities have been discovered in Citrix Application Delivery Management (Citrix ADM) that, if exploited, could result in the following security issues:

CVE-2022-27511 - Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with SSH access to connect with the default administrator credentials after the device has rebooted.

CVE-2022-27512 - Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM.

Successful exploitation of the most severe of these vulnerabilities can result in the reset of the administrator password at the next device reboot, allowing an attacker with SSH access to connect with the default administrator credentials after the device has rebooted.

All supported versions of Citrix ADM server and Citrix ADM agent are affected by this vulnerability. The following versions of Citrix ADM are in support: Citrix ADM 13.1 and Citrix ADM 13.0. The affected builds are:

Our Recommendations:

Apply the appropriate updates provided by Citrix to vulnerable systems, once they become available, immediately after appropriate testing. If patches are not available, you can perform enhanced security monitoring and proactive threat detection and response using our MDR service.

Establish and Maintain a Vulnerability Management Program: Establish and manage a well-documented vulnerability management program for enterprise IT assets. Review vulnerability scan results and prioritize your efforts based on the overall risk to your IT assets.

Perform Automated Application Patch Management: Perform application updates on enterprise assets through automated patch management on a monthly, or more frequent, basis.

Apply the Principle of Least Privilege to all systems and services. Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.

Source References:

https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27511
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27512