The HTTP protocol stack remote code execution vulnerability (CVE-2022-21907) lies in the management of HTTP Trailers by the kernel mode driver http.sys. Certain operating systems such as Windows Server 2019 and Windows 10 version 1809 are, by default, not vulnerable …

The post Guidance for reducing HTTP protocol RCE security vulnerability risk with Citrix Web App Firewall (CVE-2022-21907) first appeared on Citrix Blogs.


Related Stories

Share →