Corruption of the system by a remote, unauthenticated user potentially leading to the reset of the administrator password

CVE-2022-27511

8.1HIGH

Key Information

Vendor: Citrix
Status: Citrix Application Delivery Management (citrix Adm)
Vendor: CVE Published:; 16 June 2022

Summary

Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted.

Affected Version(s)

Citrix Application Delivery Management (Citrix ADM) < 13.1-21.53

Citrix Application Delivery Management (Citrix ADM) < 13.0-85.19

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Jun 16, 2022
Vulnerability Reserved.
Mar 21, 2022

Collectors

NVD DatabaseMitre Database