CVE-2021-22956

7.5HIGH

Key Information

Vendor: Citrix
Status: Citrix Adc, Citrix Gateway, Citrix Sdwan
Vendor: CVE Published:; 7 December 2021

Summary

An uncontrolled resource consumption vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 that could allow an attacker with access to NSIP or SNIP with management interface access to cause a temporary disruption of the Management GUI, Nitro API, and RPC communication.

Affected Version(s)

Citrix ADC, Citrix Gateway, Citrix SDWAN = Citrix ADC 11.1,12.1,13.0,13.1

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Dec 7, 2021
Vulnerability Reserved.
Jan 6, 2021

Collectors

NVD DatabaseMitre Database