Citrix is urging customers to install security updates for a critical authentication bypass vulnerability in Citrix ADC and Citrix Gateway.
“Note that only appliances that are operating as a Gateway are affected by the first issue, which is rated as a Critical severity vulnerability,” explains the Citrix security bulletin.
Citrix Gateway is an SSL VPN service providing secure remote access with identity and access management capabilities, widely deployed in the cloud or on on-premise company servers.
Citrix ADC is a load-balancing solution for cloud applications deployed in the enterprise, ensuring uninterrupted availability and optimal performance.
“Affected customers of Citrix ADC and Citrix Gateway are recommended to install the relevant updated versions of Citrix ADC or Citrix Gateway as soon as possible,” warns Citrix.
Users of these product versions who manage Citrix appliances themselves need to upgrade to the latest available version as soon as possible.