Citrix SDWAN Center Security Update

by | Nov 11, 2020 | INFO

Description of Problem

Multiple vulnerabilities have been discovered in Citrix SD-WAN Center that, if exploited, could allow an unauthenticated attacker with network access to SD-WAN Center to perform arbitrary code execution as root.

These vulnerabilities have the following identifiers:

CVEDescriptionVulnerability TypePre-conditions 
CVE-2020-8271 Unauthenticated remote code execution with root privilegesCWE-23: Path TraversalAn attacker must be able to communicate with SD-WAN Center’s Management IP/FQDN
CVE-2020-8272Authentication Bypass resulting in exposure of SD-WAN functionalityCWE-287: Improper AuthenticationAn attacker must be able to communicate with SD-WAN Center’s Management IP/FQDN
CVE-2020-8273Privilege escalation of an authenticated user to rootCWE-78: Improper Neutralization of Special Elements used in an OS Command (‹OS Command Injection›)The attacker must be an authenticated user on SD-WAN Center

The following supported versions of Citrix SD-WAN Center are affected by these issues:

  • Citrix SD-WAN 11.2 before 11.2.2
  • Citrix SD-WAN 11.1 before 11.1.2b
  • Citrix SD-WAN 10.2 before 10.2.8

Other versions are now End of Life and no longer supported.

Mitigating Factors

Citrix SD-WAN Center is an internal management platform for Citrix SD-WAN and access to Citrix SD-WAN Center is likely to be restricted.

What Customers Should Do

The issues have been addressed in the following versions of Citrix SD-WAN Center: 

  • Citrix SD-WAN 11.2.2 and later versions of Citrix SD-WAN 11.2 
  • Citrix SD-WAN 11.1.2b and later versions of Citrix SD-WAN 11.1
  • Citrix SD-WAN 10.2.8 and later versions of Citrix SD-WAN 10.2 

Affected customers are strongly recommended to immediately update their deployments.

The latest versions of Citrix SD-WAN Center are available at: https://www.citrix.com/en-gb/downloads/citrix-sd-wan/

Acknowledgements

Citrix would like to thank Ariel Tempelhof of Realmode Labs for working with us to protect Citrix customers.

What Citrix Is Doing

Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at  http://support.citrix.com/.

Obtaining Support on This Issue

If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at  https://www.citrix.com/support/open-a-support-case.html

Reporting Security Vulnerabilities

Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the Citrix Trust Center at https://www.citrix.com/about/trust-center/vulnerability-process.html

Bleiben Sie immer aktuell informiert!

Wenn Sie sich in unsere Mailingliste eintragen, werden Sie zukünftig direkt informiert, sobald ein Alarm oder eine Information erstellt wird. Verpassen Sie keine sicherheitskritischen Meldungen mehr und abonnieren den Newsletter noch heute.

Invalid email address
Bitte wählen Sie Ihre Kategorie(n).
Citrix
Nutanix
Weitere
Wir versprechen, Sie nicht zuzuspammen. Sie können sich jederzeit wieder abmelden.