CVE-2019-19781 - Vulnerability in Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance

On the evening of January 19^th Citrix issued a permanent fix to a vulnerability they previously announced and to which a proof of concept exploit was subsequently made available. This vulnerability affected Citrix customers who use their load balancers, including Ceridian.

In response to Citrix’s issue, Ceridian:

Worked with Citrix and followed all recommended steps, including applying their temporary mitigation;
Changed all load balancer passwords;
Rebuilt all load balancers with the permanent fix
Updated SSL certificates as a precautionary step

At this time, Ceridian has no evidence of access to, nor exfiltration or manipulation of Ceridian customer data as a result of this vulnerability.

Find anything about our product, search our documentation, and more. Enter a query in the search input above, and results will be displayed as you type.

Dayforce

HCM software for 100–6000+ employees

Powerpay

HR payroll software for 1–99 employees

CVE-2019-19781 - Vulnerability in Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance