Thursday, March 23, 2023
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Podcasts
  • Web Hosting Directory
  • Login
  • Register
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Software
    • Network/Internet
    • Hardware
    • Artificial Intelligence
    • Windows
    • Policy/Legislation
    • Blockchain
    • Troubleshooting
    • How-Tos
    • Articles
No Result
View All Result
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Software
    • Network/Internet
    • Hardware
    • Artificial Intelligence
    • Windows
    • Policy/Legislation
    • Blockchain
    • Troubleshooting
    • How-Tos
    • Articles
No Result
View All Result
Cloud7 News
No Result
View All Result

Home > Cybersecurity > Citrix publishes a security bulletin for security flaws

Citrix publishes a security bulletin for security flaws

Citrix released new security patches for 11 security flaws that affect Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP edition.


Seda Nur Cinar Seda Nur Cinar
July 8, 2020
2 min read
Citrix publishes a security bulletin for security flaws

Citrix published a security bulletin for 11 security flaws in its networking products, Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP edition. These critical flaws could let unauthenticated attackers perform code injection, information disclosure, and even denial-of-service attacks against the gateway or the authentication virtual servers.

11 security flaws

According to the company, the aforementioned issues do not impact other virtual servers, such as load balancing and content switching virtual servers. Also, Citrix-managed Gateway is not affected. Among the affected Citrix SD-WAN WANOP appliances include models 4000-WO, 4100-WO, 5000-WO, and 5100-WO.

The following versions of Citrix ADC, Citrix Gateway and Citrix SD-WAN WANOP remediate the vulnerabilities:
• Citrix ADC and Citrix Gateway 13.0-58.30 and later releases
• Citrix ADC and NetScaler Gateway 12.1-57.18 and later 12.1 releases
• Citrix ADC and NetScaler Gateway 12.0-63.21 and later 12.0 releases
• Citrix ADC and NetScaler Gateway 11.1-64.14 and later 11.1 releases
• NetScaler ADC and NetScaler Gateway 10.5-70.18 and later 10.5 releases
• Citrix SD-WAN WANOP 11.1.1a and later releases
• Citrix SD-WAN WANOP 11.0.3d and later 11.0 releases
• Citrix SD-WAN WANOP 10.2.7 and later 10.2 releases
• Citrix Gateway Plug-in for Linux 1.0.0.137 and later versions

The company also said that these vulnerabilities were not connected to a previously fixed zero-day NetScaler flaw (tagged as CVE-2019-19781) that allowed bad actors to perform arbitrary code execution even without proper authentication.

According to the announcement, three of the six possible attacks in CTX276688 occur in the management interface of a vulnerable device. Citrix recommendations reduce the risk. The company also has added staff to its technical support call centers and are prepared to assist its customers.

Fermin S. Jerna, Chief Information Security Officer at Citrix
Fermin S. Jerna, Chief Information Security Officer, Citrix

Fermin S. Jerna, Chief Information Security Officer at Citrix, wrote a blog post, saying,

“Two of the remaining three possible attacks additionally require some form of existing access. That effectively means an external malicious actor would first need to gain unauthorized access to a vulnerable device to be able to conduct an attack.

Citrix recommended customers to download and apply the latest builds for Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP appliances as soon as possible to mitigate risk and defend against potential attacks designed to exploit these flaws.

See more Cybersecurity News

A comprehensive guide to understanding Cybersecurity: What is Cybersecurity?


Tags: Citrix Systems
Seda Nur Cinar

Seda Nur Cinar

Seda Nur Cinar is the news editor of the Cloud7 News. With more than 8 years of Linux and cloud experience, Seda is a Linux and opensource enthusiast, security researcher and a web application developer.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Next Post
Tonaquint Data Centers acquired Fiberpipe Data Centers

Tonaquint Data Centers acquired Fiberpipe Data Centers

Related News

CISA aims to identify vulnerabilities that attract ransomware

CISA aims to identify vulnerabilities that attract ransomware

March 22, 2023 2:10 pm
7 best cybersecurity schools

7 best cyber security schools

March 21, 2023 9:00 pm
Akamai researchers warn about the new HinataBot botnet

Akamai researchers warn about the new HinataBot botnet

March 20, 2023 6:10 pm
7 biggest data breaches in the history of the internet

7 biggest data breaches in the history of the internet

March 16, 2023 10:55 pm
Get free daily newsletters from Cloud7 News Get the Cloud7 Newsletter
Select list(s):

Check your inbox or spam folder to confirm your subscription.

By subscribing, you agree to our
Copyright Policy and Privacy Policy

Get the free newsletter

Subscribe to receive the latest IT business updates straight to your inbox.

Select list(s):

Check your inbox or spam folder to confirm your subscription.

Recent News

  • How to change system language on Windows 11
  • How to create and manage menus in WordPress
  • Interview: Tim Mackey, head of supply chain risk strategy of Synopsys
  • 7 richest domains and the reasons why
  • CISA aims to identify vulnerabilities that attract ransomware

Cloud7 News
Cloud7 is a news source that publishes the latest news, reviews, comparisons, opinions, and exclusive interviews to help tech users of high-experience levels in the IT industry.

EXPLORE

  • Web Hosting
  • Cloud Computing
  • Data Center
  • Cybersecurity
  • Linux
  • Network/Internet
  • Software
  • Hardware
  • Artificial Intelligence
  • How-Tos
  • Troubleshooting

RESOURCES

  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Podcasts
  • Web Hosting Directory

Get the Cloud7 Newsletter

Get FREE daily newsletters from Cloud7 delivering the latest news and reviews.

  • About Us
  • Privacy & Policy
  • Copyright Policy
  • Contact

© 2023, Cloud7 News. All rights reserved.

No Result
View All Result
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Software
    • Network/Internet
    • Hardware
    • Artificial Intelligence
    • Windows
    • Policy/Legislation
    • Blockchain
    • Troubleshooting
    • How-Tos
    • Articles
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Podcasts
  • Web Hosting Directory

© 2023, Cloud7 News. All rights reserved.

Welcome Back!

Sign In with Facebook
Sign In with Google
Sign In with Linked In
OR

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Sign Up with Facebook
Sign Up with Google
Sign Up with Linked In
OR

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.