CVE-2022-27516
published 2022-11-08CVE-2022-27516: User login brute force protection functionality bypass
PriorityP343critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.60%
44.2th percentile
User login brute force protection functionality bypass
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | application_delivery_controller_firmware | >= 12.1 < 12.1-65.21 | 12.1-65.21 |
| citrix | application_delivery_controller_firmware | >= 12.1 < 12.1-55.289 | 12.1-55.289 |
| citrix | application_delivery_controller_firmware | >= 13.0 < 13.0-88.12 | 13.0-88.12 |
| citrix | application_delivery_controller_firmware | >= 13.1 < 13.1-33.47 | 13.1-33.47 |
| citrix | citrix_adc | — | — |
| citrix | citrix_gateway | — | — |
| citrix | gateway | >= 12.1 < 12.1-65.21 | 12.1-65.21 |
| citrix | gateway | >= 13.0 < 13.0-88.12 | 13.0-88.12 |
| citrix | gateway | >= 13.1 < 13.1-33.47 | 13.1-33.47 |
| citrix | xenserver | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Citrix
Citrix Gateway and Citrix ADC Security Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516
vendor_citrix·2022-11-10·CVSS 9.8
CVE-2022-27510 [CRITICAL] CWE-288 Citrix Gateway and Citrix ADC Security Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516
Citrix Gateway and Citrix ADC Security Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516
CWE
CVE References: CVE-2022-27510, CVE-2022-27513, CVE-2022-27516
Affected Products: Citrix ADC, Citrix Gateway, XenServer
Severity: Critical
GHSA
GHSA-cjxq-x92m-g6gc: User login brute force protection functionality bypass
ghsa_unreviewed·2022-11-09
CVE-2022-27516 [CRITICAL] CWE-307 GHSA-cjxq-x92m-g6gc: User login brute force protection functionality bypass
User login brute force protection functionality bypass
No detection rules found.
No public exploits indexed.
2022-11-08
Published