Vulnerable product:
Citrix Application Delivery Controller (ADC) and Gateway
Severity:
Severity level: High
Impact: Arbitrary code execution in Citrix ADC
Access Vector: Remote
CVSS v3 Base Score: 9.8 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE: CVE-2019-19781
Vulnerability description:
This vulnerability allows an unauthorized, remote attacker to execute malicious code on the system, obtain unauthorized access to published applications, and attack intranet resources of the target organization via Citrix servers.
Advisory status:
05.12.2019 - Vendor gets vulnerability details
19.01.2020, 22.01.2020 23.01.2020, 24.01.2020 - Vendor releases fixed version and details
Credits:
The vulnerability was discovered by Mikhail Klyuchnikov, Positive Technologies
Get in touch
will contact you shortly