Citrix Patches Two Flaws in its Application Delivery Management Solution
What happened?
On June 14, Citrix published a security bulletin (CTX460016) to address a pair of flaws in its Application Delivery Management (Citrix ADM), a centralized management solution used to monitor a variety of Citrix networking products.
What are the two vulnerabilities?
- CVE-2022-27511 - Citrix ADM Improper Access Control Vulnerability
- CVE-2022-27512 - Citrix ADM Improper Control of a Resource Through its Lifetime Vulnerability
How severe are these vulnerabilities?
CVE-2022-27511 is the more severe of the two flaws: it was assigned a CVSSv3 score of 8.1, rating it high. A remote, unauthenticated attacker could exploit this flaw to reset the administrator password for the ADM. However, the reset only takes effect after a device reboot. Once the device has rebooted, an attacker with SSH access to it could connect to the ADM using the default administrator credentials. These factors make this flaw harder to exploit.
Are there proof-of-concept exploits for these flaws?
No, at the time this post was published, there were no publicly available proof-of-concept exploits for either of these vulnerabilities.
What versions of Citrix ADM are affected?
According to Citrix, the following versions of Citrix ADM are affected:
- 13.1-24.38 and below
- 13.0-84.10 and below
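To turn the affected-version list above into an inventory check, here is an added example (not Citrix's or Tenable's code) that parses Citrix ADM build numbers in either the bulletin's `13.1-24.38` form or the dotted `13.1.24.38` form and compares them against the "and below" ceilings quoted from CTX460016; branches the bulletin does not name (e.g. 12.x) are reported as undetermined rather than guessed.

```python
import re
from typing import Optional, Tuple

# Highest affected build per branch, as stated in the Citrix bulletin above:
# "13.1-24.38 and below" and "13.0-84.10 and below".
LAST_AFFECTED = {
    (13, 1): (13, 1, 24, 38),
    (13, 0): (13, 0, 84, 10),
}

# Citrix ADM builds appear as "13.1-24.38" (bulletin style) or
# "13.1.24.38" (plugin-title style); accept either separator.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)[-.](\d+)\.(\d+)$")


def parse_adm_version(text: str) -> Optional[Tuple[int, int, int, int]]:
    """Return (major, minor, build, rev), or None if the string is not a build number."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, build, rev = (int(g) for g in m.groups())
    return (major, minor, build, rev)


def is_affected(text: str) -> Optional[bool]:
    """True if the build falls inside an affected range, False if it is newer
    than the ceiling for its branch, None if the string cannot be parsed or
    the branch is not covered by the bulletin (check those manually)."""
    v = parse_adm_version(text)
    if v is None:
        return None
    ceiling = LAST_AFFECTED.get((v[0], v[1]))
    if ceiling is None:
        return None  # branch not named in CTX460016
    return v <= ceiling  # tuple comparison is lexicographic, so "and below" works


if __name__ == "__main__":
    # Constructed sample inventory (hypothetical hostnames, not real devices).
    inventory = [("adm-a", "13.1-24.38"), ("adm-b", "13.1-25.1"),
                 ("adm-c", "13.0.80.5"), ("adm-d", "12.1-63.22")]
    for host, ver in inventory:
        print(f"{host:6} {ver:12} affected={is_affected(ver)}")
```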
Has Tenable released any product coverage?
Yes, we recently released Nessus plugin ID 162330 - Citrix ADM 13.0.x < 13.0.85.19 / 13.1.x < 13.1.21.53 Multiple Vulnerabilities (CTX460016) to identify vulnerable assets in your environment.
Are there any other recommendations related to these vulnerabilities?
Yes, Citrix “strongly recommends” employing IP address segmentation, which “diminishes the risk of exploitation of these issues.”
For more information, please refer to the security bulletin.