EX SSL-VPN: Citrix server farm ICA client shows clear text username/password when users system shut
03/26/2020 4 11190
DESCRIPTION: EX SSL-VPN: Citrix server farm ICA client shows clear text username/password when users system shutdown abruptly
Citrix farm is accessed using a a Citrix icon on user's desktops and on the Aventail appliance the respective resource is configured as a Citrix farm resource. Whenever the client machine terminates the session with aventail abruptly (shut down for example), upon client machine reboot there is an .ICA file (Citrix config file) on the user's desktop that contains the username and password for the session.
The temporary file is not cleaned up because of an unxpected aventail session termination.
SonicWall support is has analysed this issue and the fix will be available in the upcoming 10.0.x firmware release.