vulnerability

Citrix Application Delivery Management CVE-2022-27511

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:N/I:C/A:N)	Jun 16, 2022	Jun 22, 2022	Jun 18, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:C/A:N)

Published

Jun 16, 2022

Added

Jun 22, 2022

Modified

Jun 18, 2025

Description

On versions of Citrix ADM 13.1 before 13.1-21.53 and Citrix ADM 13.0 before 13.0-85.19. Corruption of the system by a remote, unauthenticated user may occur. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted. We do not currently do not have support for 13.1+ versions via this check

Solution

citrix-adm-upgrade-latest

References

CVE-2022-27511
https://attackerkb.com/topics/CVE-2022-27511
https://support.citrix.com/article/CTX460016/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report