Earlier today, we received notification from Citrix that there was a security vulnerability with Citrix Netscaler that requires patching to close.
Technical Alert Information
On Nov. 9, 2021, Citrix published a security bulletin for Citrix ADC, Citrix Gateway and Citrix SD-WAN WANOP Edition that covers two vulnerabilities, one of which is a critical severity vulnerability.
If exploited, these vulnerabilities could result in the following security issues:
- Critical Severity – Unauthenticated Denial of Service – CVE-2021-22955
Affected products: Citrix ADC and Citrix Gateway - Low Severity – Temporary disruption of the Management GUI, Nitro API and RPC communication – CVE-2021-22956
Affected products: Citrix ADC, Citrix Gateway, Citrix SD-WAN WANOP Edition
While no known exploits are currently available, to reduce risk, Citrix strongly encourages you to apply the fixes as soon as possible.
Recommendation
Use the files located at https://www.citrix.com/downloads/ to patch your affected products. If you require assistance, contact Innovative Computing Systems at [email protected] or 1-800-541-0450.
The maintenance window is estimated at two hours.
Additional Information/Sources
Citrix Bulletin: https://support.citrix.com/article/CTX330728
If you require help, contact Innovative Computing Systems at [email protected] or 1-800-541-0450.