{"id":6350,"date":"2023-01-04T10:06:23","date_gmt":"2023-01-04T15:06:23","guid":{"rendered":"https:\/\/etek.com\/es\/?p=6350"},"modified":"2023-01-04T10:06:23","modified_gmt":"2023-01-04T15:06:23","slug":"vulnerabilidades-de-servidores-citrix","status":"publish","type":"post","link":"https:\/\/etek.com\/es\/vulnerabilidades-de-servidores-citrix\/","title":{"rendered":"Vulnerabilidades de servidores Citrix"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"6350\" class=\"elementor elementor-6350\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-1ebc087b elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"1ebc087b\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1e5f8e27\" data-id=\"1e5f8e27\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-1dcb0c37 elementor-widget elementor-widget-text-editor\" data-id=\"1dcb0c37\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.20.0 - 13-03-2024 *\/\n.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#69727d;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#69727d;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}<\/style>\t\t\t\t<!-- wp:paragraph -->\n<p><strong>Melanie Malag\u00f3n<\/strong> <strong>Cyber Intelligence Expert<\/strong><\/p>\n<!-- \/wp:paragraph -->\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-cbc5966 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"cbc5966\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-519e072\" data-id=\"519e072\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-9682d21 elementor-widget elementor-widget-text-editor\" data-id=\"9682d21\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h6 style=\"text-align: center;\"><strong>Puntos finales de Citrix Application Delivery Controller (ADC) y Gateway siguen siendo vulnerables a dos fallas de seguridad cr\u00edticas.<\/strong><\/h6>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-791d1da elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"791d1da\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-6e8007a\" data-id=\"6e8007a\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-cba0481 elementor-widget elementor-widget-image\" data-id=\"cba0481\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.20.0 - 13-03-2024 *\/\n.elementor-widget-image{text-align:center}.elementor-widget-image a{display:inline-block}.elementor-widget-image a img[src$=\".svg\"]{width:48px}.elementor-widget-image img{vertical-align:middle;display:inline-block}<\/style>\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/etek.com\/es\/wp-content\/uploads\/2023\/01\/Captura.png\" title=\"\" alt=\"\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-66 elementor-top-column elementor-element elementor-element-a9d0bb7\" data-id=\"a9d0bb7\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-e209c66 elementor-widget elementor-widget-text-editor\" data-id=\"e209c66\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Las siguientes vulnerabilidades con puntaje CVSS: 9.8 fueron mencionadas por el proveedor desde el 8 de noviembre y el 13 de diciembre del presente a\u00f1o:<\/p>\n<ul>\n<li><strong>CVE-2022-27510: <\/strong>Vulnerabilidad omisi\u00f3n de autenticaci\u00f3n para obtener acceso no autorizado.<\/li>\n<li><strong>CVE-2022-27518: <\/strong>Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo que podr\u00eda permitir la toma de control de los sistemas afectados.<\/li>\n<\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-3fc990b elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"3fc990b\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7ae90b4\" data-id=\"7ae90b4\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-e3ba594 elementor-widget elementor-widget-text-editor\" data-id=\"e3ba594\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h6>Productos vulnerables:<\/h6>\n<p>Citrix ADC y Citrix Gateway 13.1 antes de 13.1-33.47, Citrix ADC y Citrix Gateway 13.0 anteriores a 13.0- 88.12, Citrix ADC y Citrix Gateway 12.1 antes de 12.1.65.21, Citrix ADC 12.1-FIPS antes de 12.1-55.289, Citrix ADC 12.1-NDcPP anterior a 12.1-55.289, Citrix ADC y Citrix Gateway 13.0 antes de 13.0-58.32, Citrix ADC y Citrix Gateway 12.1 antes de 12.1-65.25, Citrix ADC 12.1-FIPS antes de 12.1-55.291, Citrix ADC 12.1- NDcPP anterior a 12.1-55.291.<\/p>\n<h6 style=\"text-align: center;\">RECOMENDACIONES<\/h6>\n<p>Se recomienda a los clientes afectados de Citrix ADC y Citrix Gateway que instalen las versiones actualizadas relevantes de Citrix ADC o Citrix Gateway lo antes posible, ya que de acuerdo a un an\u00e1lisis del equipo de investigaci\u00f3n <strong>Fox-IT de NCC Group<\/strong>, m\u00faltiples servidores Citrix con acceso a Internet no tienen parches, lo que los convierte en un blanco para tener ataques:<\/p>\n<h6>Vulnerabilidad: CVE-2022-27510<\/h6>\n<ul>\n<li><strong>\u00a0<\/strong>Citrix ADC y Citrix Gateway 1-33.47 y versiones posteriores.<\/li>\n<li>Citrix ADC y Citrix Gateway 0-88.12 y versiones posteriores de 13.0.<\/li>\n<li>Citrix ADC y Citrix Gateway 1-65.21 y versiones posteriores de 12.1.<\/li>\n<li>Citrix ADC 1-FIPS 12.1-55.289 y versiones posteriores de 12.1-FIPS.<\/li>\n<li>Citrix ADC 1-NDcPP 12.1-55.289 y versiones posteriores de 12.1-NDcPP.<\/li>\n<\/ul>\n<h6>Vulnerabilidad: CVE-2022-27518<\/h6>\n<ul>\n<li><strong>\u00a0<\/strong>Citrix ADC y Citrix Gateway 0-58.32 y versiones posteriores.<\/li>\n<li>Citrix ADC y Citrix Gateway 1-65.25 y versiones posteriores de 12.1.<\/li>\n<li>Citrix ADC 1-FIPS 12.1-55.291 y versiones posteriores de 12.1-FIPS.<\/li>\n<li>Citrix ADC 1-NDcPP 12.1-55.291 y versiones posteriores de 12.1-NDcPP.<\/li>\n<\/ul>\n<h6 style=\"text-align: center;\">FUENTES<\/h6>\n<ul>\n<li><strong>\u00a0<\/strong><a href=\"https:\/\/thehackernews.com\/2022\/12\/thousands-of-citrix-servers-still.html\">https:\/\/thehackernews.com\/2022\/12\/thousands-of-citrix-servers-still.html<\/a><\/li>\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-27510\">https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-27510<\/a><\/li>\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-27518\">https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-27518<\/a><\/li>\n<li><a href=\"https:\/\/support.citrix.com\/article\/CTX474995\/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202227518\">https:\/\/support.citrix.com\/article\/CTX474995\/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202227518<\/a><\/li>\n<li><a href=\"https:\/\/support.citrix.com\/article\/CTX463706\/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516\">https:\/\/support.citrix.com\/article\/CTX463706\/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and- cve202227516<\/a><\/li>\n<\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-a402227 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"a402227\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-38b3b0f\" data-id=\"38b3b0f\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-de8aca8 elementor-widget elementor-widget-image\" data-id=\"de8aca8\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/etek.com\/es\/wp-content\/uploads\/2022\/05\/Imagen2.png\" title=\"\" alt=\"\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-1eb7af0 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"1eb7af0\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-a23e9ab\" data-id=\"a23e9ab\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-37cfc31 elementor-widget elementor-widget-text-editor\" data-id=\"37cfc31\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><a href=\"mailto:Info@etek.com\">Info@etek.com<\/a><\/p>\n<p><strong>Colombia\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Per\u00fa\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\u00a0<\/strong><span style=\"font-weight: 600; letter-spacing: 0px;\">India<\/span><\/p>\n<p>+57 (1) 2571520\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0+51\u00a0(1) 6124343\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\u00a0<span style=\"letter-spacing: 0px;\">+91-9873451221<\/span><\/p>\n<p>\u00a0<\/p>\n<p>\u00a0<\/p>\n<p>\u00a0<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Melanie Malag\u00f3n Cyber Intelligence Expert Puntos finales de Citrix Application Delivery Controller (ADC) y Gateway siguen siendo vulnerables a dos fallas de seguridad cr\u00edticas. Las siguientes vulnerabilidades con puntaje CVSS: 9.8 fueron mencionadas por el proveedor desde el 8 de noviembre y el 13 de diciembre del presente a\u00f1o: CVE-2022-27510: Vulnerabilidad omisi\u00f3n de autenticaci\u00f3n para [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":6351,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/posts\/6350"}],"collection":[{"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/comments?post=6350"}],"version-history":[{"count":0,"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/posts\/6350\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/etek.com\/es\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/media?parent=6350"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/categories?post=6350"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/tags?post=6350"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}