Rewterz Threat Alert – SharpPanda APT Group – Active IOCs
November 10, 2022Rewterz Threat Advisory – CVE-2022-41103 – Microsoft Word Vulnerability
November 10, 2022Rewterz Threat Alert – SharpPanda APT Group – Active IOCs
November 10, 2022Rewterz Threat Advisory – CVE-2022-41103 – Microsoft Word Vulnerability
November 10, 2022Severity
High
Analysis Summary
CVE-2022-27510 CVSS:7.2
Citrix ADC and Citrix Gateway could allow a remote attacker to bypass security restrictions, caused by the presence of an alternative authentication path or channel. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass authentication and obtain access.
CVE-2022-27513 CVSS:7.4
Citrix ADC and Citrix Gateway could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using a specially-crafted URL to redirect a victim to arbitrary Web sites.
CVE-2022-27516 CVSS:10
Citrix ADC and Citrix Gateway is vulnerable to a brute force attack, caused by improper restriction of excessive authentication attempts. By using brute force techniques, a remote attacker could exploit this vulnerability to takeover the account of the administrator.
Impact
- Securiity Bypass
- Gain Access
Indicators Of Compromise
CVE
- CVE-2022-27510
- CVE-2022-27513
- CVE-2022-27516
Affected Vendors
Citrix
Affected Products
- Citrix Gateway 12.1
- Citrix Gateway 13.0
- Citrix ADC 13.0
- Citrix ADC 12.1
- Citrix ADC 13.1
- Citrix ADC 12.1-FIPS
- Citrix ADC 12.1-NDcPP
- Citrix Gateway 13.1
- Citrix Gateway 12.1-64.16
- Citrix ADC 12.1-64.16
Remediation
Refer to Citrix Security Advisory for patch, upgrade or suggested workaround information.
Citrix Security Advisory