Citrix Patches Critical Vulnerability in ADC, Gateway


The most severe of the two bugs is CVE-2021-22955, a critical security hole that could lead to a DoS condition on appliances that have been configured as a VPN (Gateway) or AAA virtual server.

The security flaw was identified in Citrix Application Delivery Controller (ADC, formerly NetScaler ADC), and Gateway (formerly NetScaler Gateway).

Tracked as CVE-2021-22956, the second flaw could lead to the temporary disruption of the Management GUI, Nitro API, and RPC communication.