CVE-2022-27518

Citrix | Application Delivery Controller (ADC) and GatewayAdded 2022-12-13Remediation Deadline 2023-01-03

Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability

Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an authentication bypass vulnerability that allows an attacker to execute code as administrator.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-664

References

https://www.citrix.com/blogs/2022/12/13/critical-security-update-now-available-for-citrix-adc-citrix-gateway/
https://nvd.nist.gov/vuln/detail/CVE-2022-27518

Cybersecurity Alerts

CVE-2022-27518

Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability

Required Action

Weakness Classification

References