|Product||Citrix ADC, Gateway and SD-WAN WANOP|
|Type||Denial of Service|
Various Citrix systems are susceptible to a remote Denial of Service condition via malformed traffic sent to nsconfigd, which by default listens on TCP port 3010. Parsing of the unexpected traffic causes the daemon to go into an infinite loop, after which it will be restarted by the pitboss system watchdog; after 6 restarts the system will reboot.
Attackers can remotely deny access to the system or resources reliant upon it, causing a permanent outage with repeated exploitation.
Deploy network-based access controls in front of the management interface; Citrix strongly recommends that network traffic to the appliance’s management interface is separated, either physically or logically, from normal network traffic.
Deploy updated versions of the affected components. For a table listing supported versions, refer to https://support.citrix.com/article/CTX281474.
|2020-05-19||Issue reported to vendor|
|2020-05-19||Citrix response, tracking as CASE-8024|