Announcement: Cythera has joined forces with Bastion Security Group. Learn more
16 Nov / 2022
Cyber Security
CVE: CVE-2022-27510, CVE-2022-27513 and CVE-2022-27516
On November 8 Citrix published a security bulletin announcing fixes for 3 vulnerabilities in their Citrix ADC products. CVE-2022-27510 is an authentication bypass weakness allowing unauthenticated user access to the system and has a CVSS severity of 9.8/10. Citrix Gateways are high-value targets because of the function they serve providing access to the inside of your network and are exploited very quickly so organisations operating an impacted product should update these systems immediately.
These vulnerabilities affect Citrix ADC and Citrix Gateway Appliances when they are configured as: SSL VPN, ICA Proxy, RDP Proxy, CVPN and AAA Virtual Server. Citrix-managed cloud services are unaffected.
Please reach out to us via our contact us page if you are concerned.
The Perfect 10 - Remote Code Execution in Apache Log4j Requiring Emergency Patching
CVE: CVE-2021-44228 CVSS Score: 10 (Critical)What Is Vulnerable?: Apache Log4j Version 2.15-rc1 or prior. (All version prior to 2.15-rc1 are vu…
Read MorePrevention is Better Than Cure: Why Proactive Cloud Security Builds Business Resiliency
Securing the Cloud: Proactive Protection with Wiz & Cythera Securing IT systems has always been a massive undertaking, from the earliest comput…
Read MoreFortiguard Firewall heap-based buffer overflow Vulnerability
Fortiguard Firewall heap-based buffer overflow Vulnerability CVE: CVE-2022-42475What is Vulnerable: FortiOS version 7.2.0 through 7.2.2 Forti…
Read More