Re: Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability

Read Time:22 Second

Posted by Jens Timmerman on Jul 16

Hi,

I’ve been working with a lot of products I believe that are vulnerable
to a very similar exploit, and I was wondering how one should fix
this/protect against this attack?

I looked at
https://owasp.org/www-community/attacks/Session_hijacking_attack
<https://owasp.org/www-community/attacks/Session_hijacking_attack> but
the page linking to the related controls doesn’t seem to exist.

golang-1.23.8-1.fc40

FEDORA-2025-f974cb8ce5 Packages in this update: golang-1.23.8-1.fc40 Update description: Includes security fixes to the net/http package, as well as bug fixes...

April 14, 2025

golang-1.23.8-1.fc41

FEDORA-2025-77ace1a41b Packages in this update: golang-1.23.8-1.fc41 Update description: Includes security fixes to the net/http package, as well as bug fixes...

April 14, 2025

perl-5.40.2-517.fc42

FEDORA-2025-26c0346398 Packages in this update: perl-5.40.2-517.fc42 Update description: Fix CVE-2024-56406 Read More

April 14, 2025

perl-5.40.2-515.fc41

FEDORA-2025-11fcc87c66 Packages in this update: perl-5.40.2-515.fc41 Update description: Fix CVE-2024-56406 Read More

April 14, 2025

perl-5.38.4-508.fc40

FEDORA-2025-8445f115f6 Packages in this update: perl-5.38.4-508.fc40 Update description: Fix CVE-2024-56406 Read More

April 14, 2025

ruby-3.3.8-19.fc40

FEDORA-2025-9bef972bb9 Packages in this update: ruby-3.3.8-19.fc40 Update description: Upgrade to Ruby 3.3.8. CVE-2025-25186: Fix Net::IMAP vulnerable to possible DoS by...

April 14, 2025

New Malware ResolverRAT Targets Healthcare and Pharma Sectors

US Blocks Foreign Governments from Acquiring Citizen Data

China Sort of Admits to Being Behind Volt Typhoon

Digital Certificate Lifespans to Fall to 47 Days by 2029

AI Hallucinations Create “Slopsquatting” Supply Chain Threat

Medusa ransomware gang claims to have hacked NASCAR

NVD Revamps Operations as Vulnerability Reporting Surges

Friday Squid Blogging: Squid and Efficient Solar Tech

Google Cloud: Top 5 Priorities for Cybersecurity Leaders Today

Re: Citrix Gateway & Cloud MFA – Insufficient Session Validation Vulnerability

golang-1.23.8-1.fc40

golang-1.23.8-1.fc41

perl-5.40.2-517.fc42

perl-5.40.2-515.fc41

perl-5.38.4-508.fc40

ruby-3.3.8-19.fc40