A brief note for administrators who deal with Citrix products. The manufacturer has released several security bulletins including security updates for its products on June 8 and 9, 2021. There is a Citrix Hypervisor Security Update, Citrix Cloud Connector Security Update, and Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Update, respectively. Here’s a brief overview of the security bulletins in question.
German blog reader 1ST1 was kind enough to point out these security bulletins and updates in this comment.
Citrix Hypervisor Security Update
Several security issues have been identified in the Citrix Hypervisor, which are described in security bulletin CTX316324. Two of these vulnerabilities each allow privileged code in a guest VM to cause the host to crash or become unresponsive. These two issues only affect systems where the malicious guest VM has a physical PCI device passed through to it by the host administrator. The vulnerabilities have been assigned CVE-2021-27379 and CVE-2021-28692.
Another issue involves the underlying CPU hardware. Although not an issue in the Citrix Hypervisor product itself, Citrix is issuing hotfixes that also address this CPU issue. This issue belongs to a type known as “speculative execution attacks.” The vulnerability allows malicious code running on a CPU to derive the value of registers or memory belonging to other processes running on that CPU. More details and hotfixes can be found in Security Bulletin CTX316324.
Security Updates: Citrix ADC, Gateway and SD-WAN WANOP
According to security bulletin CTX297155, several vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO and 5100-WO. These vulnerabilities, if exploited, could lead to the following security issues.
- CVE-2020-8299: Network-based denial of service; the attacker's machine must be in the same Layer 2 network segment as the vulnerable appliance
- CVE-2020-8300: SAML authentication hijack through a phishing attack to steal a valid user session; Citrix ADC or Citrix Gateway must be configured as a SAML SP or a SAML IdP
The vendor specifies in the security bulletin exactly which products and product versions are affected. Updates to close the vulnerabilities are available for the affected products.
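Since CVE-2020-8300 only matters where the appliance acts as a SAML SP or SAML IdP, a quick triage step is to check a saved configuration for those definitions. The following is an added example, not code from the bulletin or the blog post; the `add authentication samlAction` (SP) and `add authentication samlIdPProfile` (IdP) command names are assumed from the NetScaler CLI syntax, and the ns.conf excerpt is constructed.

```python
"""Triage helper for the CVE-2020-8300 precondition in CTX297155.

Added example (not Citrix's or the blog's code). Scans a saved Citrix ADC /
Citrix Gateway configuration (ns.conf) for SAML SP actions and SAML IdP
profiles. Command names are assumed from NetScaler CLI syntax, not taken
from the bulletin.
"""
import re

# Constructed ns.conf excerpt for demonstration; not a real appliance config.
SAMPLE_NS_CONF = """\
set ns config -IPAddress 10.0.0.10 -netmask 255.255.255.0
add authentication vserver auth_vs SSL 10.0.0.20 443
add authentication samlAction saml_sp_corp -samlIdPCertName idp_cert -samlRedirectUrl "https://idp.example.test/sso"
add authentication samlIdPProfile saml_idp_portal -samlSPCertName sp_cert -assertionConsumerServiceURL "https://portal.example.test/acs"
add authentication ldapAction ldap_corp -serverIP 10.0.0.5
"""

# Constructed config with no SAML role at all, for comparison.
SAMPLE_NO_SAML = """\
set ns config -IPAddress 10.0.0.11 -netmask 255.255.255.0
add authentication ldapAction ldap_corp -serverIP 10.0.0.5
"""

# First token after the command is the object name; options follow.
SP_RE = re.compile(r"^add authentication samlAction (\S+)", re.MULTILINE)
IDP_RE = re.compile(r"^add authentication samlIdPProfile (\S+)", re.MULTILINE)


def saml_roles(ns_conf: str) -> dict:
    """Return the names of SAML SP actions and SAML IdP profiles in the config."""
    return {"sp": SP_RE.findall(ns_conf), "idp": IDP_RE.findall(ns_conf)}


def cve_2020_8300_relevant(ns_conf: str) -> bool:
    """True when the appliance is configured as a SAML SP or IdP (the CTX297155 precondition)."""
    roles = saml_roles(ns_conf)
    return bool(roles["sp"] or roles["idp"])


if __name__ == "__main__":
    for label, conf in (("saml", SAMPLE_NS_CONF), ("no-saml", SAMPLE_NO_SAML)):
        print(label, saml_roles(conf), "relevant:", cve_2020_8300_relevant(conf))
```

A result of True means the appliance falls under the CVE-2020-8300 precondition and the CTX297155 version check should be done; False only rules out that one issue, not CVE-2020-8299.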
Citrix Cloud Connector Security Update
According to security bulletin CTX316690, a vulnerability has been identified in Citrix Cloud Connector. This vulnerability could result in sensitive information being stored in Citrix Cloud Connector installation log files. If these installation log files fall into unauthorized hands and are exploited, this could allow access to a customer’s Citrix Cloud environment. Citrix has also provided a security update for this in the security bulletin.