First published: Mon Dec 26 2022(Updated: )
In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects Citrix ADC and Citrix Gateway 13.0-58.30 and later releases before the CTX276688 update.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Citrix Application Delivery Controller Firmware | <13.0-58.30 | |
Citrix Application Delivery Controller | ||
Citrix Gateway | <13.0-58.30 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-18177 is a vulnerability in certain Citrix products that allows an authenticated VPN user to achieve information disclosure via a configured SSL VPN endpoint.
Citrix ADC and Citrix Gateway 13.0-58.30 and earlier releases before the CTX276688 update are affected by CVE-2019-18177.
CVE-2019-18177 has a severity score of 6.5, classified as medium severity.
To fix CVE-2019-18177, it is recommended to apply the CTX276688 update provided by Citrix.
More information about CVE-2019-18177 can be found in the Citrix support article CTX276688.