Security focus: Citrix security bulletin CTX276688 (9th Jul 2020)

Preface: Typically, North-South traffic is load balanced by Ingress devices such as Citrix ADCs while East-West traffic is load balanced by kube-proxy. Since kube-proxy only provides limited layer-4 load balancing, service owners can utilize the Citrix ingress controller to achieve sophisticated layer-7 controls for East-West traffic using the Ingress CPX ADCs.

Security Focus: The Citrix technical article (Security Bulletin CTX276688) covers a total of 11 vulnerabilities. One of them is CVE-2020-8191, a reflected cross-site scripting (XSS) vulnerability, which gives an attacker a way to use XSS to steal the session cookie. This design weakness is similarly relevant to other vulnerabilities that require user credentials.

Background: The NSIP address is the IP address at which you access the Citrix ADC appliance for management purposes. The appliance can have only one NSIP, which is also called the management IP address. You must add this IP address when you configure the Citrix ADC for the first time. You cannot remove an NSIP address.

Vulnerability detail: Citrix ADC and Citrix Gateway could allow a remote authenticated attacker to gain elevated privileges on the system, caused by an unspecified flaw. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. The XSS vulnerability can be used to steal the session cookie.

Official announcement – https://support.citrix.com/article/CTX276688
