CVE-2017-14602 – Authentication Bypass Vulnerability in Citrix NetScaler ADC and NetScaler Gateway Management Interface

This vulnerability has been addressed in the following versions of Citrix NetScaler ADC and NetScaler Gateway:

  • Citrix NetScaler ADC and NetScaler Gateway version 12.0 build 41.24 and build 53.13 and later
  • Citrix NetScaler ADC and NetScaler Gateway version 11.1 build 55.13 and later
  • Citrix NetScaler ADC and NetScaler Gateway version 11.0 build 70.16 and later
  • Citrix NetScaler ADC and NetScaler Gateway version 10.5 build 66.9 and later
  • Citrix NetScaler ADC and NetScaler Gateway version 10.5e build 60.7010.e and later
  • Citrix NetScaler ADC and NetScaler Gateway version 10.1 build 135.18 and later

Citrix strongly recommends that customers impacted by this vulnerability upgrade to a version of the Citrix NetScaler ADC or NetScaler Gateway that contains a fix for this issue as soon as possible.

These versions are available on the Citrix website at the following addresses:

https://www.citrix.com/downloads/netscaler-adc/

https://www.citrix.com/downloads/netscaler-gateway/

In line with industry best practice, Citrix also recommends that customers limit access to the management interface to trusted traffic only. Citrix has published additional guidance on the secure configuration of NetScaler management interfaces. This can be found at the following location:

https://support.citrix.com/article/CTX228148

Important:

If you are upgrading an MPX FIPS device that has FIPS firmware 2.2, please note that NetScaler version 10.5 does not support FIPS firmware 2.2. You can upgrade to version 11.0, 11.1 or 12.0, all of which are currently available for download. Please refer to https://docs.citrix.com/en-us/netscaler/12/ssl/fips/update-fipscard-firmware-version_2_2.html for additional details and validation of FIPS firmware.
