CVE-2021-22920

Published: Aug 5, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishing attack through a SAML authentication hijack to steal a valid user session.

Vendor	Product	Versions
n/a	Citrix ADC, Citrix Gateway	affected `Citrix ADC and Citrix Gateway 13.0-82.45 and later releases of 13.0` affected `Citrix ADC and Citrix Gateway 12.1-62.27 and later releases of 12.1`

Weaknesses (CWE)

CWE-284

References

https://support.citrix.com/article/CTX319135

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-22920

Description

Affected Products

Weaknesses (CWE)

References