CVE-2022-27511

Published: Jun 16, 2022Modified: Nov 21, 2024

8.1

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.2 / Impact: 5.9

Source: NVD

Description

Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted.

Affected (2)

Products: Citrix: Application Delivery Management

1 product

Application Delivery Management

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Citrix Application Delivery Management	Before 13.0-85.19
Citrix Application Delivery Management	From 13.1 to 13.1-21.53

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512

Source: secure@citrix.com

Vendor Advisory

https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.