Saturday, June 13, 2020

Citrix storage zone controllers security Issue

    The modern workplace involves a great amount of collaboration between team members and the generation of electronic documents for various purposes.  However, sharing these documents in a secure manner, especially with remote employees, has always been a troublesome issue. Citrix ShareFile is an application designed to solve that problem, but it was recently revealed that vulnerabilities in the application could lead to sharing files with more than just teammates
and other authorized personnel.


    Citrix ShareFile is a collaboration and file sharing tool designed to allow employees to securely exchange proprietary and sensitive business data. This could include product designs, financial data, security information, and much more. Citrix offers two ways to use ShareFile: Citrix hosted cloud storage or an on premises secure cloud instance that the customer manages. The storage can be split up into buckets, called storage zones, that are managed by one or more storage zone controllers.

    Multiple vulnerabilities were disclosed by Citrix in the storage zone controllers which could allow an unauthenticated attacker access to all of the files and documents managed by that controller. While the technical details on the vulnerabilities have not been released yet, they have been classified as CVE-2020-7473, CVE-2020-8982, and CVE-2020-8983.

    These vulnerabilities affect versions 5.9.0/5.8.0/5.7.0/5.6.0/5.5.0 and earlier. Companies that use the Citrix-hosted instances of ShareFile do not need to do anything to correct the issue as Citrix has already updated their storage zone controllers and storage zones. However, customer-managed storage zone controllers will need to be updated to 5.10.0+ or the x.x.1+ version of each of the
sub versions listed above. There is a caveat: any storage zones created by a storage zone controller running a vulnerable version will still have the vulnerability even if the controller is updated. Citrix released a mitigation tool that needs to be used on the storage zone controllers handling the affected zones, as well as instructions on how to do so.


    The modern workplace relies on electronic data sharing and collaboration, especially in today’s COVID-19 environment. While Citrix has tried to get ahead of these vulnerabilities, who knows if anyone has been exploiting these flaws before now. While data in storage and transmission will always be a spotlight area in cybersecurity, remember that things are not always as secure as they may seem.


Sources:
https://thehackernews.com/2020/05/citrix-sharefile-vulnerability.html

https://support.citrix.com/article/CTX269106