Jump to content
Welcome to our new Citrix community!

Looking for Citrix statement on CVE-2021-44228 Log4j


Jim Heintz

Recommended Posts

Work in-progress it appears. Keep on eye on this page https://support.citrix.com/article/CTX335705

 

Beyond knowing if our Citrix products are directly affected, and I hope they are not because I've seen mutliple attempts at accessing these vulnerabilities in our logging, I am more interested in how the Citrix ADC can be utilised to plug this security hole for services they reverse proxy.

 

Eg picking up the exploit \$\{jndi:(ldap[s]?|rmi|dns):/[^\n]+ being used in user-agent or request body, and terminating the session.

I'm brand new in here, never working with Citrix ADCs before, just F5 BigIP so any help would be appreciated.

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...