SAML Authentication Hijack in Citrix ADC and Gateway
CVE-2021-22920

6.5MEDIUM

Key Information:

Vendor: Citrix
Status: Citrix Adc, Citrix Gateway
Vendor: CVE Published:; 5 August 2021

What is CVE-2021-22920?

A vulnerability has been identified in Citrix ADC and Citrix Gateway that exposes users to phishing attacks via SAML authentication hijacks. This exploit can allow attackers to steal valid user sessions, leading to unauthorized access and potential data breaches. Affected models include the Citrix SD-WAN WANOP Edition 4000-WO, 4100-WO, 5000-WO, and 5100-WO, making it crucial for users to implement appropriate security measures.

Affected Version(s)

Citrix ADC, Citrix Gateway Citrix ADC and Citrix Gateway 13.0-82.45 and later releases of 13.0

Citrix ADC, Citrix Gateway Citrix ADC and Citrix Gateway 12.1-62.27 and later releases of 12.1

References

https://support.citrix.com/article/CTX319135

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 5, 2021
Vulnerability Reserved
Jan 6, 2021