338 matches found
Citrix Gateway和Citrix ADC 授权问题漏洞
Citrix Systems Citrix Gateway Citrix Systems NetScaler Gateway and Citrix ADC are both products of Citrix Systems, Inc.Citrix Gateway is a secure remote access solution. The product provides administrators with application-level and data-level controls to enable users to remotely access...
Citrix Gateway和Citrix ADC 安全漏洞
Citrix Systems Citrix Gateway Citrix Systems NetScaler Gateway and Citrix ADC are both products of Citrix Systems, Inc.Citrix Gateway is a secure remote access solution. The product provides administrators with application-level and data-level controls to enable users to remotely access...
PT-2022-6073 · Citrix · Citrix Adc +1
Name of the Vulnerable Software and Affected Versions: Citrix ADC formerly Citrix NetScaler Application Delivery Controller versions affected versions not specified Citrix Gateway formerly Citrix NetScaler Gateway versions affected versions not specified Description: The issue is related to...
Citrix ADC and Citrix Gateway Multiple Vulnerabilities (CTX319135)
The remote Citrix ADC or Citrix Gateway device is version 11.1 before 11.1-65.22, 12.1 before 12.1-62.27 or 13.0 before 13.0-82.45. It is therefore affected by multiple vulnerabilities: - A vulnerability has been discovered in Citrix ADC formerly known as NetScaler ADC and Citrix Gateway formerly...
Responder policy cannot be evaluated for Citrix Gateway "/cgi/login" request
Responder policy cannot be hit for Gateway "/cgi/login" http requst even policy expression is evaluated as TRUE...
Citrix Gateway Plug-in for Windows < 21.9.1.2 Improper Access Control (CTX341455)
An improper privilege vulnerability has been discovered in Citrix Gateway Plug-in for Windows Citrix Secure Access for Windows 21.9.1.2 what could allow an attacker who has gained local access to a computer with Citrix Gateway Plug-in installed, to corrupt or delete files as SYSTEM. Note that...
[VPN Plugin] Transfer Login keeps Loading with Non-English language setting
In Citrix Gateway VPN environment, you may observe the following issue when "Transfer Login": After clicking "Transfer" on Client VPN plugin, the button keepsspinning loading and stuck. Logs investigation show the following clues: Problem can only be observed in Non-English language setting Plugi...
[Citrix Gateway VPN] Cannot access intranet applications in VPN over Proxy environment
When you connect Citrix Gateway VPN. You may observe VPN establishment is OK but cannot access internal applications/networks when the following conditions both match: Client has proxy configured and VPN connection goes through Proxy. Client PC has an interface IP in 169.254.0.0/16 subnet Usually...
[Citrix Gateway] Client plugin of Window upgrade fails due to upgrade package issue
The client plugin fails to upgrade to the new one after upgrade ADC, following logs sample could be found in client plugin logs 15:36:32.432 | DEBUG | nsStartSSL called 15:36:32.432 | DEBUG | mNotifier0 15:36:32.447 | EVENT | Version mismatch 15:36:32.447 | DEBUG | RedrawActiveXWnd: 6:0...
Citrix ADC 和 Citrix Gateway 输入验证错误漏洞
Citrix ADC is one of the most comprehensive application delivery and load balancing solutions from US-based Citrix, Inc. for application security, overall visibility and availability. An input validation error vulnerability exists in Citrix ADC and Citrix Gateway, which can be exploited by an...
Citrix ADC and Citrix Gateway 12.1.x < 12.1-65.15 / 13.0.x < 13.0-86.17 / 13.1.x < 13.1-24.38 Unauthenticated Redirection (CTX457836)
The remote Citrix ADC or Citrix Gateway device is version 12.1.x prior to 12.1-65.15, 13.0.x prior to 13.0-86.17 or 13.1.x prior to 13.1-24.38. It may be, therefore, affected by a vulnerability that allows an attacker to redirect the user to a malicious website upon clicking an attacker-crafted...
Vulnerability fixed in Citrix ADC and Citrix Gateway
A vulnerability has been fixed in Citrix ADC and Citrix Gateway. The vulnerability allows a remote malicious party to redirect a potential victim via the Citrix application to be redirected to a malicious website, allowing the application, for example, to be abused in phishing attacks. By using t...
Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27509
A vulnerability has been discovered in Citrix ADC and Citrix Gateway which enables an attacker to create a specially crafted URL that redirects to a malicious website. This vulnerability has the following identifier: CVE-ID| Description| CWE| Pre-conditions ---|---|---|--- CVE-2022-27509|...
[CEM] MAM enrollment Fails in Authentication - Password window pops-up Repeatedly
When you enroll MAM to CEM server through Citrix Gateway, you may observe password box pops-up repeatedly without any error. It means your password is correct but SSO from Citrix Gateway to CEM server fails. Follow is the sample of Secure Hub's debug log. " 2022-06-22T14:50:06.638+0800 ",,DEBUG1...
Intermittent Session Launch Failure with Active/Active StoreFront Server Groups
Users intermittently fail to receive ICA files from StoreFront when trying to launch a new session in the following circumstances all of the below conditions must apply: Multiple active StoreFront server groups are in use, connected by GSLB, configured either for direct access or authentication...
[Citrix Gateway] "Cannot complete your request" error after adding EPA configuration
In Citrix Gateway deployment, You may encounter "Cannot complete your request" error if adding a new EPA policy in AAA vServer. For example, you have the following existing configuration to implement post EPA scan based on group name: add authentication Policy NoAuthGroup01 -rule...
Citrix ADC and Citrix Gateway 12.1-64.16 DoS (CTX457048)
The remote Citrix ADC or Citrix Gateway device is version 12.1-64.16. It may, therefore, be affected by a denial of service DoS vulnerability. If the device is configured as a VPN Gateway or AAA virtual server, an unauthenticated remote attacker can cause uncontrolled resource consumption on the...
Vulnerabilities fixed in Ctrix ADC and Gateway
Two vulnerabilities have been fixed in Citrix ADC and Citrix Gateway. The vulnerabilities allow a remote malicious party able to effect a denial-of-service DoS. For CVE-2022-27508 does not require authentication, while CVE-2022-27507 does. The CVE-2022-27507 vulnerability is only exploitable when...
CVE-2022-21827
An improper privilege vulnerability has been discovered in Citrix Gateway Plug-in for Windows Citrix Secure Access for Windows 21.9.1.2 what could allow an attacker who has gained local access to a computer with Citrix Gateway Plug-in installed, to corrupt or delete files as SYSTEM...
CVE-2022-21827
An improper privilege vulnerability has been discovered in Citrix Gateway Plug-in for Windows Citrix Secure Access for Windows 21.9.1.2 what could allow an attacker who has gained local access to a computer with Citrix Gateway Plug-in installed, to corrupt or delete files as SYSTEM...