Severity
High
Analysis Summary
CVE-2022-27507 CVSS:6.5
Citrix ADC and Citrix Gateway are vulnerable to a denial of service, caused by a flaw when DTLS is enabled and either “HDX Insight for EDT traffic” or “SmartControl” have been configured. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2022-27508 CVSS:7.5
Citrix ADC and Citrix Gateway are vulnerable to a denial of service, caused by a flaw when configured as a VPN (Gateway)or AAA virtual server. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2022-27507
- CVE-2022-27508
Affected Vendors
- Citrix ADC
- Citrix Gateway
Affected Products
- Citrix Gateway 12.1-64.16
- Citrix ADC 12.1-64.16
- Citrix Gateway 12.1
- Citrix Gateway 13.0
- Citrix ADC 13.0
- Citrix ADC 12.1
Remediation
Refer to Citrix Security Advisory for patch, upgrade or suggested workaround information.