PT-2019-15287 · Citrix · Citrix Application Delivery Controller (Citrix Adc)/Citrix Gateway
Published
2019-10-21
·
Updated
2020-08-24
·
CVE-2019-18225
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Citrix Application Delivery Controller (ADC) and Gateway versions prior to 10.5 build 70.8
Citrix Application Delivery Controller (ADC) and Gateway versions 11.x prior to 11.1 build 63.9
Citrix Application Delivery Controller (ADC) and Gateway versions 12.0 prior to build 62.10
Citrix Application Delivery Controller (ADC) and Gateway versions 12.1 prior to build 54.16
Citrix Application Delivery Controller (ADC) and Gateway versions 13.0 prior to build 41.28
Description
An issue allows an attacker with management-interface access to bypass authentication and obtain appliance administrative access.
Recommendations
For versions prior to 10.5 build 70.8, update to build 70.8 or later.
For versions 11.x prior to 11.1 build 63.9, update to 11.1 build 63.9 or later.
For versions 12.0 prior to build 62.10, update to build 62.10 or later.
For versions 12.1 prior to build 54.16, update to build 54.16 or later.
For versions 13.0 prior to build 41.28, update to build 41.28 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Citrix Application Delivery Controller (Citrix Adc)/Citrix Gateway