|Number of vulnerabilities||1|
|Public exploit||This vulnerability is being exploited in the wild.|
Citrix Netscaler ADC
Client/Desktop applications / Software for system administration
Citrix Access Gateway
Server applications / Remote management servers, RDP, SSH
This security bulletin contains one critical risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to improper access restrictions in systems configured as a SAML SP or a SAML IdP. A remote non-authenticated attacker can gain unauthorized access to the system.
Note, the vulnerability is being actively exploited in the wild.
Install updates from vendor's website.Vulnerable software versions
Citrix Netscaler ADC: before 12.1-55.291
Citrix Access Gateway: before 12.1-65.25
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?