A critical flaw in Citrix Application Delivery Management allows resetting admin passwords

Citrix fixed a critical flaw in Citrix Application Delivery Management (ADM), tracked as CVE-2022-27511, that can allow attackers to reset admin passwords.

Citrix fixed a critical vulnerability in Citrix Application Delivery Management (ADM), tracked as CVE-2022-27511, that can be exploited by attackers to reset admin passwords.

Citrix Application Delivery Management (ADM) is a comprehensive platform that enables automation, orchestration, management, and analytics for application delivery across hybrid multi-cloud environments.

The flaw is an Improper Access Control issue reported by the security researcher Florian Hauser from Code White.

“Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted.” reads the advisory published by the IT giant.

The flaw impacts all supported versions of Citrix Application Delivery Management server.

Citrix recommends customers update their installs of Citrix ADM server and Citrix ADM agent as soon as possible, the affected builds are Citrix ADM 13.1 before 13.1-21.53, and Citrix ADM 13.0 before 13.0-85.19.

Customers must upgrade both Citrix ADM server and all associated Citrix ADM agents. Please see the product documentation for assistance with upgrading the Citrix ADM server and Citrix ADM agents. 

Customers that cannot immediately address the issue with the security patches are recommended that network traffic to the Citrix ADM’s IP address is segmented, either physically or logically, from standard network traffic.   

The IT giant also fixes an Improper Control of a Resource Through its Lifetime tracked as CVE-2022-27512. Successful exploitation of this flaw could cause the temporary disruption of the ADM license service.

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. I ask you to vote for me again (even if you have already done it), because this vote is for the final.

Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”)

To nominate, please visit: 

https://docs.google.com/forms/d/e/1FAIpQLSdNDzjvToMSq36YkIHQWwhma90SR0E9rLndflZ3Cu_gVI2Axw/viewform

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Citrix Application Delivery Management)

[adrotate banner=”5″]

[adrotate banner=”13″]