fbpx

This website uses cookies to ensure you get the best experience. More Information Accept

Vulnerability in Citrix ADC & Citrix Gateway (CVE-2019-19781)

24 December 2019 - by SOC

What is it about?

A vulnerability (CVE-2019-19781) has been identified in Citrix Application Delivery Controller (formerly known as NetScaler ADC) and Citrix Gateway(formerly known as NetScaler Gateway) according to Citrix Security releases.

What is the impact of this attack?

If this vulnerability exploited , could allow the attacker to get access to internal network without authentication and perform arbitrary code execution .
However, there is no patch for the vulnerability at this time, so in order to find out when the updated firmware is available for the affected Citrix products, it is recommended to subscribe at:

Affected product versions

According to Citrix the CVE-2019-19781 vulnerability impacts the following product versions:

  • Citrix ADC and Citrix Gateway version 13.0 all supported builds
  • Citrix ADC and NetScaler Gateway version 12.1 all supported builds
  • Citrix ADC and NetScaler Gateway version 12.0 all supported builds
  • Citrix ADC and NetScaler Gateway version 11.1 all supported builds
  • Citrix NetScaler ADC and NetScaler Gateway version 10.5 all supported builds

What organisations should do as part of mitigation and prevention actions

It is strongly recommended that affected customers should immediately take action and apply the provided mitigation steps (see link below).

https://support.citrix.com/article/CTX267679

 

You can find more information regarding the vulnerability in Citrix knowledge base article:

LATEST UPDATES