Security Vulnerabilities fixed in NetScaler Gateway CTX297155

description-logoDescription

Citrix/NetScaler Gateway suffer from improper access control allowing SAML authentication hijack through a phishing attack to steal a valid user session. Note that Citrix ADC or Citrix Gateway must be configured as a SAML SP or a SAML IdP for this to be possible. Other vulnerabilities include uncontrolled resource consumption by way of a network-based denial-of-service from within the same Layer 2 network segment. Note that the attacker must be in the same Layer 2 network segment as the vulnerable appliance. There is also vulnerable to escalation of privileges on the management interface, denial of service attack originating from the management network, leads to an HTML Injection attack against the SSL VPN web portal.

affected-products-logoAffected Applications

NetScaler Gateway