CVE-2021-22919 — HIGH (7.5)

Q: How severe is CVE-2021-22919?

CVE-2021-22919 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-22919?

Check the references section above for vendor advisories and patch information. Affected products include: Citrix Application Delivery Controller Firmware, Citrix Application Delivery Controller, Citrix Mpx\/Sdx 14030 Fips, Citrix Mpx\/Sdx 14060 Fips, Citrix Mpx\/Sdx 14080 Fips.

Vulnerability Description

A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to the limited available disk space on the appliances being fully consumed.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Citrix	Application Delivery Controller Firmware	>= 11.1, < 11.1-65.22
Citrix	Application Delivery Controller	-
Citrix	Mpx\/Sdx 14030 Fips	-
Citrix	Mpx\/Sdx 14060 Fips	-
Citrix	Mpx\/Sdx 14080 Fips	-
Citrix	Mpx 15030-50G Fips	-
Citrix	Mpx 15040-50G Fips	-
Citrix	Mpx 15060-50G Fips	-
Citrix	Mpx 15080-50G Fips	-
Citrix	Mpx 15100-50G Fips	-
Citrix	Mpx 15120-50G Fips	-
Citrix	Mpx 8905 Fips	-
Citrix	Mpx 8910 Fips	-
Citrix	Mpx 8920 Fips	-
Citrix	Gateway	>= 12.1, < 12.1-62.27
Citrix	Netscaler Gateway	>= 11.1, < 11.1-65.22
Citrix	Sd-Wan Wanop	>= 10.2, < 10.2.9.b
Citrix	4000-Wo	-
Citrix	4100-Wo	-
Citrix	5000-Wo	-

Related Weaknesses (CWE)

CWE-770

References

https://support.citrix.com/article/CTX319135Vendor Advisory
https://support.citrix.com/article/CTX319135Vendor Advisory

FAQ

What is CVE-2021-22919?

CVE-2021-22919 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5...

How severe is CVE-2021-22919?

CVE-2021-22919 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-22919?

Check the references section above for vendor advisories and patch information. Affected products include: Citrix Application Delivery Controller Firmware, Citrix Application Delivery Controller, Citrix Mpx\/Sdx 14030 Fips, Citrix Mpx\/Sdx 14060 Fips, Citrix Mpx\/Sdx 14080 Fips.