Multiple vulnerabilities have been discovered in Citrix ADM. Citrix ADM is a web-based solution for managing all Citrix deployments. The most severe of these vulnerabilities Could Allow for an Unauthenticated Attacker to Reset the Administrator Password.
SYSTEMS AFFECTED:
- Citrix ADM 13.1 before 13.1-21.53
- Citrix ADM 13.0 before 13.0-85.19
RISK:
Government:
- Large and medium government entities: High
- Small government entities: Medium
Businesses:
- Large and medium business entities: High
- Small business entities: Medium
Home users: Low
TECHNICAL SUMMARY:
Multiple vulnerabilities have been discovered in Citrix ADM. The most severe of these vulnerabilities Could Allow for an Unauthenticated Attacker to Reset the Administrator Password.
Tactic: Initial Access (TA0001):
Technique: Exploit Public-Facing Application (T1190):
- Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted. (CVE-2022-27511)
- Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM. (CVE-2022-27512)
