Citrix announced new vulnerabilities discovered in Citrix ADC and Citrix Gateway. These vulnerabilities have the following identifiers:
Affected versions of Citrix ADC and Citrix Gateway: (Citrix ADC and Citrix Gateway version 13.1 is unaffected.)
To determine if their Citrix ADC or Citrix Gateway is configured as a SAML SP or a SAML, review the ns.conf file located under /flash/nsconfig.
To view the ns.conf file via an FTP client:
To review via command line:
sh run | grep samlAction
sh run | grep samlIdPProfile
Citrix recommends that affected customers install the relevant updated versions of Citrix ADC or Citrix Gateway as soon as possible.
If you would like more information or assistance from our industry leading team of Citrix experts to plan and execute the upgrade, please contact us at firstname.lastname@example.org.