Impact of Open SSL 3.0 vulnerabilities CVE-2022-3602, CVE-2022-3786 on Citrix products

Impact of Open SSL 3.0 vulnerabilities CVE-2022-3602, CVE-2022-3786 on Citrix products

book

Article ID: CTX473026

calendar_today

Updated On:

Description

Citrix is aware of the vulnerabilities (CVE-2022-3602, CVE-2022-3786) that impact OpenSSL versions 3.0.0 to 3.0.6. 
 
Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action.  
 
In parallel, Citrix continues to investigate the potential impact on customer-managed (on-premises) products. Please find below the present status of these products. 

Product  

Status  

Citrix ADC (NetScaler ADC) and Citrix Gateway (NetScaler Gateway)  

Not impacted (all platforms)  

Citrix Application Delivery Management (NetScaler MAS)  

Not impacted

Citrix Cloud Connector 

Not impacted 

Citrix Connector Appliance for Cloud Services  

Not impacted 

Citrix Content Collaboration (ShareFile Integration) – Citrix Files for Windows, Citrix Files for Mac, Citrix Files for Outlook  

Not impacted 

Citrix Endpoint Management (Citrix XenMobile Server)  

Not impacted 

Citrix Hypervisor (XenServer)  

Not impacted  

Citrix License Server  

Not impacted 

Citrix SD-WAN  

Not impacted

Citrix ShareFile StorageZones Controller  

Not impacted

Citrix Virtual Apps and Desktops (XenApp & XenDesktop)  

Not impacted

Citrix Workspace App for Linux 

Not impacted 

Citrix Workspace App for Mac 

Not impacted 

Citrix Workspace App for Windows 

Not impacted

Citrix Workspace App for HTML5

Impacted

 

The vulnerability affects the following supported versions of Citrix Workspace App for HTML5

  • Citrix Workspace App for HTML5 versions before 2211
What Customers should do:
Customers are recommended to upgrade to the following Citrix Workspace App for the HTML5 version:
  • Citrix Workspace App for HTML5 2211 or later versions

All customers are recommended to monitor this article for the latest updates. Customers may also subscribe to receive notifications at https://support.citrix.com/user/alerts.

Resolution

All customers are recommended to monitor this article for the latest updates. Customers may also subscribe to receive notifications at https://support.citrix.com/user/alerts 
 

Changelog

2022-11-02Initial Publication
2023-03-06Updated status for Citrix Workspace App for HTML5
2023-05-23Updated status for Citrix Application Delivery Management (NetScaler MAS)

 
Powered by Wolken Software