Corruption of the system by a remote, unauthenticated user potentially leading to the reset of the administrator password
CVE-2022-27511

8.1HIGH

Key Information:

Vendor: Citrix
Status: Citrix Application Delivery Management (citrix Adm)
Vendor: CVE Published:; 16 June 2022

Summary

Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted.

Affected Version(s)

Citrix Application Delivery Management (Citrix ADM) < 13.1-21.53

Citrix Application Delivery Management (Citrix ADM) < 13.0-85.19

References

https://support.citrix.com/article/CTX460016/citrix-appli...

x_refsource_MISC

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 16, 2022
Vulnerability Reserved
Mar 21, 2022

Collectors

NVD DatabaseMitre Database