Rewterz Threat Alert – Orcus RAT – Active IOCs
November 15, 2021Rewterz Threat Alert – SNAKE Ransomware – Active IOCs
November 15, 2021Rewterz Threat Alert – Orcus RAT – Active IOCs
November 15, 2021Rewterz Threat Alert – SNAKE Ransomware – Active IOCs
November 15, 2021Severity
High
Analysis Summary
CVE-2021-22955
Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance models are vulnerable to a denial of service. If an appliance is configured as a VPN (Gateway) or AAA virtual server, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2021-22956
Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance models are vulnerable to a denial of service. Attacker access to NSIP or SNIP with management interface access could exploit this vulnerability to temporarily disrupt the Management GUI, Nitro API, and RPC communication.
Impact
- Denial of Service
Affected Vendors
- Citrix
Affected Products
- Citrix Gateway 11.1
- Citrix Gateway 12.1
- Citrix Gateway 13.0
- Citrix Application Delivery Controller (ADC) 11.1
- Citrix Application Delivery Controller (ADC) 12.1
- Citrix Application Delivery Controller (ADC) 13.0
- Citrix SD-WAN WANOP Edition 10.2
- Citrix SD-WAN WANOP Edition 11.4
Remediation
Refer to Citrix Advisory for patch, upgrade or suggested workaround information. See References