Security bug: Users can change Citrix WI Site by changing path in URL

April 6, 2012 Leave a comment

At first I thought I was going out of my mind, fortunately Citrix Tech Support has confirmed this bug and are working on a solution.

netscaler_bug

Installing a brand new pair of Citrix NetScaler MPX 5500 with the latest Citrix NetScaler build (9.3-55.6).

The Citrix NetScaler security design was made so to create 9 Access Gateway Virtual Servers all with their own Citrix Web Interface site so that all the traffic could be isolated and different kinds of security measures could be applied to the different Access Gateway Virtual Servers. There are multiple Citrix XenApp Farms in de backend where the different users would land depending of the target audience.

Read more of this post

Filed under Access Gateway, Bugs, Citrix, NetScaler, Other, Web Interface Tagged with

Follow

Get every new post delivered to your Inbox.

Join 260 other followers