Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27507 and CVE-2022-27508

Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27507 and CVE-2022-27508

by | Mai 25, 2022 | ALARM, ctx_adc

Description of Problem

Vulnerabilities have been discovered in Citrix ADC and Citrix Gateway that, if exploited, could result in a denial of service. 

These vulnerabilities have the following identifiers: 

CVE-ID  Description  CWE  Pre-conditions 
CVE-2022-27507 Authenticated denial of service CWE-400: Uncontrolled Resource Consumption   VPN (Gateway) virtual server with  DTLS, and  either ‹HDX Insight for EDT traffic› or ‹SmartControl› is configured 
CVE-2022-27508 Unauthenticated denial of service CWE-400: Uncontrolled Resource Consumption   Appliance must be configured as a VPN (Gateway) or AAA virtual server 

Für detaillierte Informationen und weitere Schritte, folgen Sie bitte den Informationen im Original Citrix Artikel.

Zum Original Artikel