Sunday, May 12, 2019

On CVE-2019-11550


Citrix SD-WAN Security Update (CTX247735)

An information disclosure vulnerability has been identified in the Citrix SD-WAN Appliance. This  vulnerability could allow an unauthenticated attacker to perform a man-in-the-middle attack against management traffic.




CVE-2019-11550 – Information Disclosure in Citrix SD-WAN Appliance 10.2.x before 10.2.2 and NetScaler SD-WAN Appliance 10.0.x before 10.0.7.


How it works?
Slides 44-45.

ftp://ftp.ccc.de/congress/2018/slides-pdf/35c3-9446-sd-wan_a_new_hop.pdf



Affected Versions:

• All versions of NetScaler SD-WAN 9.x *

• All versions of NetScaler SD-WAN 10.0.x earlier than 10.0.7

• All versions of Citrix SD-WAN 10.1.x *

• All versions of Citrix SD-WAN 10.2.x earlier than 10.2.2

*  Upgrade to 10.0.7 or 10.2.2 for security update

Kudos

Sergey Gordeychik, Denis Kolegov, and Nikita Oleksov of SD-WAN New Hop(e) team

Enjoy

1 comment:

  1. Hello Everybody,
    My name is Mrs Sharon Sim. I live in Singapore and i am a happy woman today? and i told my self that any lender that rescue my family from our poor situation, i will refer any person that is looking for loan to him, he gave me happiness to me and my family, i was in need of a loan of $250,000.00 to start my life all over as i am a single mother with 3 kids I met this honest and GOD fearing man loan lender that help me with a loan of $250,000.00 SG. Dollar, he is a GOD fearing man, if you are in need of loan and you will pay back the loan please contact him tell him that is Mrs Sharon, that refer you to him. contact Dr Purva Pius, call/whats-App Contact Number +918929509036 via email:(urgentloan22@gmail.com) Thank you.

    ReplyDelete