Citrix ADC is a link of networking products that are released by Citrix Systems. On 17th December 2019, Citrix introduced this security bulletin in order to detail any vulnerability in the Citrix system including Application Delivery Controller (ADC). Along with Citrix ADC (popularly known as NetScaler ADC), Citrix also introduced Citrix Gateway or NetScaler Gateway which could result in arbitrary code execution. In this article, we will explain to you the role of Citrix ADC and how to check the vulnerability in the Citrix ADC appliance.
The Role of Citrix ADC:
Being the core networking product of Citrix System, Citrix ADC helps to improve the productivity of the users. The application delivery controller is an effective tool to increase the quality of the application and delivery speed and results in a better digital experience for the end-users. Citrix ADC also helps in traffic optimization, online app acceleration, and the maintenance of data safety. This tool has also an effective role in monitoring the application and network traffic and server health. However, it is important to detect whether there is any vulnerability in your Citrix ADC appliance or not. You should also know the remedies if any vulnerability is detected.
How to Detect Vulnerability in Citrix ADC?
In order to detect the vulnerability in Citrix ADC appliances, we need to investigate the scripts of the Citrix ADC. In response to the Citrix ADC scripts, several experts have prepared unique scripts to assist the users in detecting the vulnerability in the Citrix ADC appliance.
This resulting script helps the users to check whether the mitigating action is globally bound and configured on Citrix ADC or NetScaler. This script is also effective to support the configuration of the responder policy. However, this script will not help the users to evade a potential loss in the admin functionality by performing the shell nsapimgr mitigation. Whenever you will run the script, it will just state a warning.
In order to trigger additional actions or functionalities, this script will function along with a couple of arguments. The script will perform to detect and check the vulnerability after the configuration of all the parameters to the default value “No”. If you want to configure the policy of the mitigation responder and ensure the global bonding of the policy, you have to set the parameters of setting configuration mitigation to “Yes”. You can also use the script to trigger a rollback if you need to do so. For that, you have to configure the Perform Rollback argument to “Yes”.
You will get the information about the responder policy on the basis of the retrieved information from the performed check. In order to kill the vulnerability, Citrix proposes to reboot the networking systems and connections. Following this suggestion, there is an argument in the script which you have to configure the argument to “Yes”. However, once you have attempted to reboot, you can not cancel it as the script is not interactive. In this way, with the help of the script, you can easily detect and solve the vulnerability in the Citrix ADC appliance.