AI description
CVE-2022-27510 is an authentication bypass vulnerability affecting Citrix ADC (Application Delivery Controller) and Citrix Gateway. Disclosed on November 8, 2022, it allows unauthorized access to Gateway user capabilities. To be vulnerable, the server must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy). The vulnerability is classified as an authentication bypass using an alternate path or channel and improper authentication. It affects multiple versions of Citrix ADC and Citrix Gateway, specifically versions 13.1 before 13.1-33.47, 13.0 before 13.0-88.12, and 12.1 before 12.1-65.21, as well as Citrix ADC 12.1-FIPS before 12.1-55.289 and Citrix ADC 12.1-NDcPP before 12.1-55.289. An unauthenticated remote attacker can exploit this vulnerability by sending malicious packets to the target device, resulting in authentication bypass access to background services.
- Description
- Unauthorized access to Gateway user capabilities
- Source
- secure@citrix.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- Hype score
- Not currently trending
Ransomware vulns with highest exploit likelihood ⬆️ (past 30d): - CVE-2015-2291 (IQVW32.sys (BYO..) +23.34% - CVE-2024-26169 (Windows Error R..) +9.58% - CVE-2023-20269 (ASA..) +6.84% - CVE-2023-20269 (FTD..) +6.84% - CVE-2022-27510 (NetScaler ADC..) +6.76%
@DefusedCyber
15 Sept 2025
8370 Impressions
10 Retweets
79 Likes
38 Bookmarks
1 Reply
1 Quote
Ransomware vulns with highest exploit likelihood ⬆️ (past 30d): - CVE-2025-53770 (SharePoint..) +25.40% - CVE-2023-20269 (ASA..) +24.24% - CVE-2023-20269 (FTD..) +24.24% - CVE-2024-26169 (Windows Error R..) +9.58% - CVE-2022-27510 (NetScaler ADC..) +6.76%
@DefusedCyber
8 Sept 2025
5121 Impressions
9 Retweets
43 Likes
18 Bookmarks
2 Replies
2 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "710A9915-E94D-4AB3-9077-904185CD835C",
"versionEndExcluding": "12.1-65.21",
"versionStartIncluding": "12.1"
},
{
"criteria": "cpe:2.3:a:citrix:gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21A12502-B9D9-4ED0-9E90-F27317338831",
"versionEndExcluding": "13.0-88.12",
"versionStartIncluding": "13.0"
},
{
"criteria": "cpe:2.3:a:citrix:gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C237286-B459-4FF4-810A-13740D2207E3",
"versionEndExcluding": "13.1-33.41",
"versionStartIncluding": "13.1"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0DD814B7-CD70-4AAA-B8C5-AEF4DBD1055A",
"versionEndExcluding": "12.1-65.21",
"versionStartIncluding": "12.1"
},
{
"criteria": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51A18C6F-58A9-4924-AEBA-2AC1846055BA",
"versionEndExcluding": "13.0-88.12",
"versionStartIncluding": "13.0"
},
{
"criteria": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BBEEB7CC-13B3-49D9-9C1C-B31A8274943E",
"versionEndExcluding": "13.1-33.47",
"versionStartIncluding": "13.1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:application_delivery_controller:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "80E69E10-6F40-4FE4-9D84-F6C25EAB79D8"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:fips:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A9A7C22-9E06-45AF-8A7C-8BEB12FDDFE2",
"versionEndExcluding": "12.1-55.289",
"versionStartIncluding": "12.1"
},
{
"criteria": "cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:ndcpp:*:*:*",
"vulnerable": true,
"matchCriteriaId": "78FC158E-7881-448B-A2BA-19CBC3BF646C",
"versionEndExcluding": "12.1-55.289",
"versionStartIncluding": "12.1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:citrix:application_delivery_controller:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "80E69E10-6F40-4FE4-9D84-F6C25EAB79D8"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]