Situation
A vulnerability (CVE-2019-19781) with a severity score of 9.8 has been identified in Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance.
This vulnerability affects the following supported product versions on all supported platforms:
• Citrix ADC and Citrix Gateway version 13.0 all supported builds before 13.0.47.24
• NetScaler ADC and NetScaler Gateway version 12.1
• NetScaler ADC and NetScaler Gateway version 12.0
• NetScaler ADC and NetScaler Gateway version 11.1
• NetScaler ADC and NetScaler Gateway version 10.5
• Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO
Problem
The vulnerability (CVE-2019-19781) can allow an unauthenticated remote attacker to perform an arbitrary code execution.
Implication
If exploited this vulnerability that could effectively allow an attacker to run a command on your system, download and/or install malware, and read or modify files on the system.
Need
Citrix has released updates for this vulnerability and strongly urges affected customers to immediately upgrade.
Learn More
https://support.citrix.com/article/CTX267027
https://nvd.nist.gov/vuln/detail/CVE-2019-19781#vulnCurrentDescriptionTitle
