Sunday, July 3, 2022
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory
  • Login
  • Register
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
No Result
View All Result

Home > Cybersecurity > Citrix publishes a security bulletin for security flaws

Citrix publishes a security bulletin for security flaws

Citrix released new security patches for 11 security flaws that affect Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP edition.

Seda Nur Cinar by Seda Nur Cinar
July 8, 2020
in Cybersecurity
2 min read
0 0
0
Citrix publishes a security bulletin for security flaws
0
SHARES
19
VIEWS
Share on FacebookShare on TwitterShare on EmailFollow on Google News

Citrix published a security bulletin for 11 security flaws in its networking products, Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP edition. These critical flaws could let unauthenticated attackers perform code injection, information disclosure, and even denial-of-service attacks against the gateway or the authentication virtual servers.

11 security flaws

According to the company, the aforementioned issues do not impact other virtual servers, such as load balancing and content switching virtual servers. Also, Citrix-managed Gateway is not affected. Among the affected Citrix SD-WAN WANOP appliances include models 4000-WO, 4100-WO, 5000-WO, and 5100-WO.

The following versions of Citrix ADC, Citrix Gateway and Citrix SD-WAN WANOP remediate the vulnerabilities:
• Citrix ADC and Citrix Gateway 13.0-58.30 and later releases
• Citrix ADC and NetScaler Gateway 12.1-57.18 and later 12.1 releases
• Citrix ADC and NetScaler Gateway 12.0-63.21 and later 12.0 releases
• Citrix ADC and NetScaler Gateway 11.1-64.14 and later 11.1 releases
• NetScaler ADC and NetScaler Gateway 10.5-70.18 and later 10.5 releases
• Citrix SD-WAN WANOP 11.1.1a and later releases
• Citrix SD-WAN WANOP 11.0.3d and later 11.0 releases
• Citrix SD-WAN WANOP 10.2.7 and later 10.2 releases
• Citrix Gateway Plug-in for Linux 1.0.0.137 and later versions

The company also said that these vulnerabilities were not connected to a previously fixed zero-day NetScaler flaw (tagged as CVE-2019-19781) that allowed bad actors to perform arbitrary code execution even without proper authentication.

According to the announcement, three of the six possible attacks in CTX276688 occur in the management interface of a vulnerable device. Citrix recommendations reduce the risk. The company also has added staff to its technical support call centers and are prepared to assist its customers.

Fermin S. Jerna, Chief Information Security Officer at Citrix
Fermin S. Jerna, Chief Information Security Officer, Citrix

Fermin S. Jerna, Chief Information Security Officer at Citrix, wrote a blog post, saying,

“Two of the remaining three possible attacks additionally require some form of existing access. That effectively means an external malicious actor would first need to gain unauthorized access to a vulnerable device to be able to conduct an attack.

Citrix recommended customers to download and apply the latest builds for Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP appliances as soon as possible to mitigate risk and defend against potential attacks designed to exploit these flaws.

See more Cyber Security News


Tags: Citrix Systems
ShareTweetSendShare
Seda Nur Cinar

Seda Nur Cinar

Seda Nur Cinar is the news editor of the Cloud7 News. With more than 8 years of Linux and cloud experience, Seda is a Linux and opensource enthusiast, security researcher and a web application developer.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Next Post
Tonaquint Data Centers acquired Fiberpipe Data Centers

Tonaquint Data Centers acquired Fiberpipe Data Centers

Related News

8220 gang targeting Linux systems again, Microsoft says

8220 gang targeting Linux systems again, Microsoft says

July 1, 2022 2:52 pm
Kaspersky found a module backdoor in Microsoft Exchange

Kaspersky found a module backdoor in Microsoft Exchange

July 1, 2022 1:50 pm
CISA pinpoints the PwnKit threat

CISA pinpoints the PwnKit threat

June 30, 2022 5:50 pm
Attackers has breached AMD network and exfiltrated data

Attackers have breached the AMD network and exfiltrated data

June 30, 2022 5:30 pm
Get free daily newsletters from Cloud7 News Get the Cloud7 Newsletter

Check your inbox or spam folder to confirm your subscription.

By subscribing, you agree to our
Copyright Policy and Privacy Policy

Editor's Choice

Interview with Igor Seletskiy on AlmaLinux

7 best hosting control panels

How to update Linux Kernel without rebooting?

7 best Linux mail servers for 2022

7 best cPanel alternatives for 2022

7 best Linux web browsers for 2022

7 best CentOS alternatives

7 best Linux server distros for 2022

How to scan your server for Log4j (Log4Shell) vulnerability

10 Best Web Hosting Services of 2022

AlmaLinux 8.6 Stable is ready to download

Ubuntu 22.04 LTS is available for download. What is new?

Kali Linux 2022.2 is ready for download

Advertisement

Recent News

  • Weekly round-up: 27 June – 1 July
  • Cloud7 Podcast – Episode 09: AlmaLinux OS
  • Snap app of the week: Sensors Unity
  • Server cabinet types and accessories
  • How to change WordPress password via phpMyAdmin

Our Latest Interview

Interview: Erez Barak, Vice President Observability of Sumo Logic
Interview

Interview: Erez Barak, Vice President Observability of Sumo Logic

by Atalay Kelestemur
November 25, 2021 3:23 am


Cloud7 News is a news source that publishes the latest news, industry news and exclusive interviews on web hosting, cloud computing, data center, cybersecurity and linux.

News Categories

  • Web Hosting
  • Cloud Computing
  • Data Center
  • Cybersecurity
  • Linux
  • Network/Internet
  • Software
  • Hardware
  • Blockchain

Our Free Modules

  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

Get the Cloud7 Newsletter

Get FREE daily newsletters from Cloud7 delivering the latest news and reviews.

  • About
  • Privacy & Policy
  • Copyright Policy
  • Contact

© 2022, Cloud7 News. Latest Cloud Computing, Web Hosting, Data Center Industry and Tech News

No Result
View All Result
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

© 2022, Cloud7 News. Latest Cloud Computing, Web Hosting, Data Center Industry and Tech News

Welcome Back!

Sign In with Facebook
Sign In with Google
Sign In with Linked In
OR

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Sign Up with Facebook
Sign Up with Google
Sign Up with Linked In
OR

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.