CVE-2019-19781: Unauthenticated Remote Code Execution Vulnerability in Citrix ADCs and Gateways

Citrix urges customers to apply mitigation steps for CVE-2019-19781, a remote code execution vulnerability exploitable through specially crafted HTTP requests to vulnerable devices.
Contexto
Citrix has released an advisory for CVE-2019-19781, a vulnerability in Citrix Application Delivery Controller (ADC) and Citrix Gateway that could allow an unauthenticated attacker to execute code on the affected devices. Users are encouraged to apply the provided mitigation steps as quickly as possible.
Análise
While Citrix does not detail the exact nature of the vulnerability in the advisory, the recommended mitigation steps seem to block HTTP based VPN requests with additional components that could potentially contain code. This implies that there is unsanitized code in the VPN handler for these devices. The mitigation, therefore checks for incoming HTTP-based VPN requests, and sends a 403 FORBIDDEN response whenever requests with the exploit format are detected.
According to Citrix, the following devices are identified as vulnerable:
- Citrix ADC and Citrix Gateway version 13.0 all supported builds
- Citrix ADC and NetScaler Gateway version 12.1 all supported builds
- Citrix ADC and NetScaler Gateway version 12.0 all supported builds
- Citrix ADC and NetScaler Gateway version 11.1 all supported builds
- Citrix NetScaler ADC and NetScaler Gateway version 10.5 all supported builds
Solução
Depending on an organization's device setup, mitigation options are listed for each Citrix device configuration to mitigate this vulnerability. Citrix has stated that an update will be available at a later date, at which time users can remove the mitigation and upgrade.
Identificação de sistemas afetados
A list of Tenable plugins to identify this vulnerability will appear here as they’re released.
Obtenha mais informações
Junte-se à equipe de resposta de segurança da Tenable na Tenable.
Saiba mais sobre a Tenable, a primeira plataforma de Cyber Exposure para o gerenciamento holístico da sua superfície de ataque moderna.
Obtenha uma avaliação gratuita por 30 dias do Vulnerability Management da Tenable.io.
Artigos relacionados
- Gerenciamento de vulnerabilidades