Impact of Open SSL 3.0 vulnerabilities CVE-2022-3602, CVE-2022-3786 on Citrix products

Citrix is aware of the vulnerabilities (CVE-2022-3602, CVE-2022-3786) that impact OpenSSL versions 3.0.0 to 3.0.6.

Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action.

In parallel, Citrix continues to investigate the potential impact on customer-managed (on-premises) products. Please find below the present status of these products.



Citrix ADC (NetScaler ADC) and Citrix Gateway (NetScaler Gateway)

Not impacted (all platforms)

Citrix Application Delivery Management (NetScaler MAS)

Investigation in progress

Citrix Cloud Connector

Not impacted

Citrix Connector Appliance for Cloud Services

Not impacted

Citrix Content Collaboration (ShareFile Integration) – Citrix Files for Windows, Citrix Files for Mac, Citrix Files for Outlook

Not impacted

Citrix Endpoint Management (Citrix XenMobile Server)

Not impacted

Citrix Hypervisor (XenServer)

Not impacted

Citrix License Server

Not impacted

Citrix SD-WAN

Not impacted

Citrix ShareFile StorageZones Controller

Not impacted

Citrix Virtual Apps and Desktops (XenApp & XenDesktop)

Investigation in progress for Citrix Director

All other components not impacted

Citrix Workspace App for Linux

Not impacted

Citrix Workspace App for Mac

Not impacted

Citrix Workspace App for Windows

Investigation in progress

Citrix Workspace App for HTML5 Investigation in progress

All customers are recommended to monitor this article for the latest updates. Customers may also subscribe to receive notifications at


  • No Related Posts

Leave a Reply