Number: AV17-111
Date: 26 July 2017
Purpose
The purpose of this advisory is to bring attention to a recently released Citrix security bulletin.
Assessment
Citrix has released product updates to address a critical vulnerability that when exploited, may allow for arbitrary remote code execution.
Affected Version:
- All versions of Citrix SD-WAN 9.x Enterprise and Standard Edition earlier than version 9.2.1-1001
- All versions of Citrix CloudBridge 8.x Virtual WAN Edition
CVE Reference: CVE-2017-6316
Suggested Action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References:
https://support.citrix.com/article/CTX225990
https://www.citrix.com/downloads/netscaler-sd-wan/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6316