TechTalkThai ศูนย์รวมข่าว Enterprise IT ออนไลน์แห่งแรกในประเทศไทย
มีแพตช์ใหม่จาก Citrix จำนวน 11 รายการ ที่ส่งผลกระทบต่อผลิตภัณฑ์ ADC, Gateway และ SD-WAN WANOP (Appliance โมเดล 4000-WO, 4100-WO, 5000-WO และ 5100-WO) ด้วยเหตุนี้จึงแนะนำให้ผู้ใช้งานเร่งอัปเดต
ช่องโหว่ทั้ง 11 รายการมีดังนี้
| CVE ID | Vulnerability Type | Affected Products | Attacker Privileges | Pre-conditions |
| CVE-2019-18177 | Information disclosure | Citrix ADC, Citrix Gateway | Authenticated VPN user | Requires a configured SSL VPN endpoint |
| CVE-2020-8187 | Denial of service | Citrix ADC, Citrix Gateway 12.0 and 11.1 only | Unauthenticated remote user | Requires a configured SSL VPN or AAA endpoint |
| CVE-2020-8190 | Local elevation of privileges | Citrix ADC, Citrix Gateway | Authenticated user on the NSIP | This issue cannot be exploited directly. An attacker must first obtain nobody privileges using another exploit |
| CVE-2020-8191 | Reflected Cross Site Scripting (XSS) | Citrix ADC, Citrix Gateway, Citrix SDWAN WANOP | Unauthenticated remote user | Requires a victim who must open an attacker-controlled link in the browser while being on a network with connectivity to the NSIP |
| CVE-2020-8193 | Authorization bypass | Citrix ADC, Citrix Gateway, Citrix SDWAN WANOP | Unauthenticated user with access to the NSIP | Attacker must be able to access the NSIP |
| CVE-2020-8194 | Code Injection | Citrix ADC, Citrix Gateway, Citrix SDWAN WANOP | Unauthenticated remote user | Requires a victim who must download and execute a malicious binary from the NSIP |
| CVE-2020-8195 | Information disclosure | Citrix ADC, Citrix Gateway, Citrix SDWAN WANOP | Authenticated user on the NSIP | – |
| CVE-2020-8196 | Information disclosure | Citrix ADC, Citrix Gateway, Citrix SDWAN WANOP | Authenticated user on the NSIP | – |
| CVE-2020-8197 | Elevation of privileges | Citrix ADC, Citrix Gateway | Authenticated user on the NSIP | – |
| CVE-2020-8198 | Stored Cross Site Scripting (XSS) | Citrix ADC, Citrix Gateway, Citrix SDWAN WANOP | Unauthenticated remote user | Requires a victim who must be logged in as an administrator (nsroot) on the NSIP |
| CVE-2020-8199 | Local elevation of privileges | Citrix Gateway Plug-in for Linux | Local user on the Linux computer running Citrix Gateway Plug-in | A pre-installed version of Citrix Gateway Plug-in for Linux must be running |
ทั้งนี้หากคนร้ายโจมตีช่องโหว่ได้สำเร็จอาจจะนำไปสู่การแทรกแซงระบบได้ แม้ว่ายังไม่พบการโจมตีในช่องโหว่ดังกล่าวแต่ Citrix ก็แนะนำให้ผู้ใช้งานตามอัปเดตกันครับ โดยการอัปเดตเป็นเวอร์ชันล่าสุดดังนี้
Citrix ADC and Citrix Gateway 13.0-58.30 and later releases
- Citrix ADC and NetScaler Gateway 12.1-57.18 and later 12.1 releases
- Citrix ADC and NetScaler Gateway 12.0-63.21 and later 12.0 releases
- Citrix ADC and NetScaler Gateway 11.1-64.14 and later 11.1 releases
- NetScaler ADC and NetScaler Gateway 10.5-70.18 and later 10.5 releases
- Citrix SD-WAN WANOP 11.1.1a and later releases
- Citrix SD-WAN WANOP 11.0.3d and later 11.0 releases
- Citrix SD-WAN WANOP 10.2.7 and later 10.2 releases
- Citrix Gateway Plug-in for Linux 1.0.0.137 and later versions
