| Developers: | Citrix Systems |
| Last Release Date: | 2022/06/15 |
| Technology: | ITSM - IT Service Management Systems, Network Application Performance Management Systems |
Main article: IT Service Management (ITSM)
Citrix Application Delivery Management (ADM) is a centralized management solution that provides visibility into the application delivery infrastructure and simplifies operations with automated management tasks. It is deployed as a server that communicates with agents installed on external managed devices.
2022: Fix for administrator password reset vulnerability
Attackers are exploiting a critical vulnerability to reset Citrix ADM administrators' passwords. This became known on June 15, 2022.
Citrix does not say whether the vulnerability was exploited in cyber attacks.
The vulnerability is tracked as CVE-2022-27511 and allows an unauthorized attacker to damage the victim's system and reset the Citrix ADM administrator password the next time the device is rebooted. After that, an attacker with access to can SSH connect to the device using standard data administrators.
The vulnerability was fixed along with a CVE-2022-27512 whose use by an attacker could lead to a temporary disruption of the ADM license service, which prevents Citrix ADM from issuing new licenses or renewing existing ones.
Citrix Systems notes that these vulnerabilities affect all supported versions of Citrix ADM. Customers are encouraged to upgrade to the latest versions of Citrix ADM that contain the necessary fixes[1].
Notes
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |