On March 2, Microsoft announced multiple CVEs, including CVE-2021-26855. Attackers are actively exploiting this server-side request forgery (SSRF) vulnerability to steal the full contents of several user mailboxes. The vulnerability is remotely exploitable and requires neither authentication nor any special knowledge of or access to a target environment. Citrix recommends that you follow Microsoft’s recommendation to patch your Microsoft Exchange servers immediately.

Citrix Web App Firewall (WAF) has released updated signatures to mitigate the CVE-2021-26855 vulnerability. If you are running on-premises Microsoft Exchange Server 2013, 2016, or 2019, Citrix strongly recommends that you download signatures version 60 and apply it to your Citrix WAF deployments as an additional layer of protection. The signatures are compatible with the following versions of Citrix ADC software: 13.0, 12.1, and 11.1 (Note: version 12.0 is at end of life).

Learn More about Citrix Web App Firewall

Citrix WAF is built on a single code base (Citrix ADC) across cloud, physical, virtual, bare-metal, and container deployments, which brings consistency to your hybrid multi-cloud applications and workflows. Holistic application security from Layer 3 to Layer 7 and built-in API protection ensure you don’t have to worry about being vulnerable.

Securing applications involves more than just using basic WAF functionality. Citrix provides immediate protection against injection attacks and known application exploits and delivers advanced protection with dynamic profiling. This enables automated learning and adaptation to your application’s behavior. Citrix ADC’s application security solution also includes bot mitigation and API security.

Learn about Citrix Web App Firewall. For more information about Citrix Web Application Firewall signatures, check out our alert articles and bot signature articles, and find out how you can receive signature alert notifications.