#VU69135 Insufficient verification of data authenticity in Citrix Access Gateway and Citrix Netscaler ADC - CVE-2022-27513
Published: November 8, 2022
Vulnerability identifier: #VU69135
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2022-27513
CWE-ID: CWE-345
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Citrix Access Gateway
Citrix Netscaler ADC
Citrix Access Gateway
Citrix Netscaler ADC
Software vendor:
Citrix
Citrix
Description
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to insufficient verification of data authenticity within RDP proxy. A remote attacker can gain control over users' RDP sessions via phishing attack.
Successful exploitation of the vulnerability requires the appliance to be configured as VPN (Gateway) and RDP proxy. Also attacker should have initial access to the network via SSL-VPN gateway.
Remediation
Install updates from vendor's website.