Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cisaCISACISA:F294DA101F646CF50640B80C8F2F7A1A
HistoryDec 13, 2022 - 12:00 a.m.

Citrix Releases Security Updates for Citrix ADC, Citrix Gateway

2022-12-1300:00:00
us-cert.cisa.gov
16

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

JSON

Citrix has released security updates to address a critical vulnerability (CVE-2022-27518) in Citrix ADC and Citrix Gateway. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability has been exploited in the wild.

CISA encourages users and administrators to review Citrix security bulletin CTX457836 and Citrix’s blog post for more information and to apply the necessary updates. Additionally, CISA urges organizations to review NSA’s advisory APT5: Citrix ADC Threat Hunting Guidance for detection and mitigation guidance against tools employed by a malicious actor targeting vulnerable Citrix ADC systems.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we’d welcome your feedback.

Related

attackerkb 1
cisa_kev 1
prion 1
cve 1
citrix 1
rapid7blog 1
wizblog 1
nessus 1
thn 3
trellix 2
qualysblog 1
attackerkb
attackerkb
CVE-2022-27518
2022-12-13 00:00:00
cisa_kev
cisa_kev
Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability
2022-12-13 00:00:00
prion
prion
Remote code execution
2022-12-13 17:15:00
cve
cve
CVE-2022-27518
2022-12-13 17:15:00
citrix
citrix
Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27518
2022-12-13 12:01:35
rapid7blog
rapid7blog
CVE-2022-27518: Critical Fix Released for Exploited Citrix ADC, Gateway Vulnerability
2022-12-13 23:19:21
wizblog
wizblog
CVE-2022-27518 exploited in the wild by APT5: everything you need to know
2022-12-13 21:03:18
nessus
nessus
Citrix ADC and Citrix Gateway RCE (CTX474995)
2022-12-13 00:00:00
thn
thn
Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities
2022-12-29 09:43:00
Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability
2022-12-14 04:40:00
From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022
2023-03-21 09:54:00
trellix
trellix
The Bug Report December 2022 Edition
2023-01-04 00:00:00
The Bug Report December 2022 Edition
2023-01-04 00:00:00
qualysblog
qualysblog
Qualys Threat Research Unit: Threat Thursdays, December 2022
2022-12-29 19:05:19

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

JSON
Related for CISA:F294DA101F646CF50640B80C8F2F7A1A
attackerkb1cisa_kev1prion1cve1citrix1rapid7blog1wizblog1nessus1thn3trellix2qualysblog1