PT-2021-5224 · Citrix · Citrix ADC

Published: 2021-10-09 · Updated: 2025-09-05 · CVE-2021-22956

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Citrix ADC versions prior to 13.0-83.27
Citrix ADC versions prior to 12.1-63.22
Citrix ADC version 11.1-65.23

Description

An uncontrolled resource consumption issue exists that could allow an attacker with access to NSIP or SNIP with management interface access to cause a temporary disruption of the Management GUI, Nitro API, and RPC communication. The vulnerability may be exploited by a remote attacker to cause a denial of service on devices.

Recommendations

For Citrix ADC versions prior to 13.0-83.27, update to version 13.0-83.27 or later.
For Citrix ADC versions prior to 12.1-63.22, update to version 12.1-63.22 or later.
For Citrix ADC version 11.1-65.23, consider disabling the management interface access to minimize the risk of exploitation until a patch is available.

Fix

Resource Exhaustion

Weakness Enumeration

Related Identifiers

BDU:2021-06026
CVE-2021-22956

Affected Products

Citrix ADC