Protection against CVE-2021-44790 for applications hosted internally with Citrix ADC WAF
Article ID: CTX336041
Description
This article describes how to configure Citrix ADC WAF to protect internally hosted applications against CVE-2021-44790.
Instructions
The default settings of an AppFw profile already protect against CVE-2021-44790 by blocking all malformed multipart requests. No signature needs to be added to address this exploit.
If the default settings have been changed, make sure that multipart/form-data is included in the inspected content types and keep either:
- RFC Profile "APPFW_RFC_BLOCK" that comes with a default setting of "InvalidMultipartReqAction: block log stats" - This is the default rfc profile associated with appfw profile.
(or)
- RFC Profile "APPFW_RFC_BYPASS" that comes with a default setting of "InvalidMultipartReqAction: log stats" - This is not the default rfc profile. But if you are using this with appfw-profile, please ensure that the InvalidMultipartReqAction includes "block" in its settings. One could use the following command to do this,
The image below outlines the steps to check the profile settings for CVE-2021-44790.
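As an added example (not part of this article and not Citrix code), the following Python audit applies the two checks above to text in the style of `show appfw profile` and `show appfw rfcprofile` output. The sample output is constructed, and the field names `InspectContentType` and `RFCProfile` are assumptions about the output format; only `InvalidMultipartReqAction` and the two RFC profile names come from the article.

```python
import re

# Constructed sample text in the style of Citrix ADC "show appfw profile" and
# "show appfw rfcprofile" output. Not captured from a real appliance; the
# InspectContentType and RFCProfile field names are assumptions.
SAMPLE_PROFILE = """\
Name: web_appfw_profile
        InspectContentType: application/x-www-form-urlencoded multipart/form-data
        RFCProfile: APPFW_RFC_BYPASS
"""
SAMPLE_RFC_PROFILES = """\
Name: APPFW_RFC_BLOCK
        InvalidMultipartReqAction: block log stats
Name: APPFW_RFC_BYPASS
        InvalidMultipartReqAction: log stats
"""


def parse_blocks(text):
    """Split 'Name: X' blocks into a {name: {key: value}} dict."""
    profiles, current = {}, None
    for line in text.splitlines():
        m = re.match(r"\s*([A-Za-z]+):\s*(.*)$", line)
        if not m:
            continue
        key, value = m.group(1), m.group(2).strip()
        if key == "Name":
            current = profiles.setdefault(value, {})
        elif current is not None:
            current[key] = value
    return profiles


def audit_cve_2021_44790(profile_text, rfc_text):
    """Return a list of findings; an empty list means the article's two conditions hold."""
    findings = []
    rfc_profiles = parse_blocks(rfc_text)
    for name, settings in parse_blocks(profile_text).items():
        # Check 1: multipart/form-data must be among the inspected content types.
        ctypes = settings.get("InspectContentType", "").split()
        if "multipart/form-data" not in ctypes:
            findings.append(f"{name}: multipart/form-data missing from InspectContentType")
        # Check 2: the bound RFC profile must block invalid multipart requests.
        rfc_name = settings.get("RFCProfile", "")
        action = rfc_profiles.get(rfc_name, {}).get("InvalidMultipartReqAction", "")
        if "block" not in action.split():
            findings.append(f"{name}: RFC profile {rfc_name!r} InvalidMultipartReqAction={action!r} lacks 'block'")
    return findings
```

Running the audit on the sample flags the profile bound to APPFW_RFC_BYPASS, which only logs invalid multipart requests.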