Citrix Products Multiple Vulnerabilities

Multiple vulnerabilities were identified in Citrix Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, remote code execution and cross-site scripting on the targeted system.

 

Note:

According to Citrix, exploits of CVE-2023-3519 on unmitigated appliances have been observed.

RISK: Extremely High Risk

TYPE: Operating Systems – Networks OS

TYPE: Networks OS

Impact

  • Remote Code Execution
  • Elevation of Privilege
  • Cross-Site Scripting

System / Technologies affected

  • NetScaler ADC and NetScaler Gateway 13.1 before 13.1-49.13
  • NetScaler ADC and NetScaler Gateway 13.0 before 13.0-91.13
  • NetScaler ADC 13.1-FIPS before 13.1-37.159
  • NetScaler ADC 12.1-FIPS before 12.1-55.297
  • NetScaler ADC 12.1-NDcPP before 12.1-55.297

Note: NetScaler ADC and NetScaler Gateway version 12.1 is now End Of Life (EOL) and is vulnerable.


Solutions

Before installing the software, please visit the software vendor's website for more details.

 

  • The vendor has issued a fix:
    NetScaler ADC and NetScaler Gateway 13.1-49.13 and later releases
    NetScaler ADC and NetScaler Gateway 13.0-91.13 and later releases of 13.0
    NetScaler ADC 13.1-FIPS 13.1-37.159 and later releases of 13.1-FIPS 
    NetScaler ADC 12.1-FIPS 12.1-55.297 and later releases of 12.1-FIPS
    NetScaler ADC 12.1-NDcPP 12.1-55.297 and later releases of 12.1-NDcPP

For details: https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467
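The fixed builds listed above can be used to triage an appliance inventory. The following is an added example, not part of the original advisory or any Citrix tooling; the "<branch>-<build>" input format, the edition labels ("standard", "fips", "ndcpp") and the sample hostnames are assumptions.

```python
import re

# First fixed build per (branch, edition), copied from the advisory's fix list.
FIXED = {
    ("13.1", "standard"): (49, 13),
    ("13.0", "standard"): (91, 13),
    ("13.1", "fips"): (37, 159),
    ("12.1", "fips"): (55, 297),
    ("12.1", "ndcpp"): (55, 297),
}
# Assumed input format: "<branch>-<build>", e.g. "13.1-48.47".
VERSION_RE = re.compile(r"^(\d+\.\d+)-(\d+)\.(\d+)$")

def assess(version, edition="standard"):
    """Return 'patched', 'vulnerable', 'eol' or 'unknown' for one appliance."""
    m = VERSION_RE.match(version.strip())
    if not m:
        return "unknown"  # unparseable: check by hand rather than guess
    branch = m.group(1)
    # Compare builds as integer tuples: as strings, "5.20" sorts above "49.13".
    build = (int(m.group(2)), int(m.group(3)))
    fixed = FIXED.get((branch, edition.lower()))
    if fixed is None:
        # The advisory lists plain 12.1 as End Of Life and vulnerable.
        return "eol" if branch == "12.1" else "unknown"
    return "patched" if build >= fixed else "vulnerable"

def needs_action(inventory):
    """Return (host, version, status) for every appliance not confirmed patched."""
    flagged = []
    for host, version, edition in inventory:
        status = assess(version, edition)
        if status != "patched":
            flagged.append((host, version, status))
    return flagged

# Constructed sample inventory; hostnames and builds are illustrative only.
SAMPLE = [
    ("adc-01.example.internal", "13.1-48.47", "standard"),
    ("adc-02.example.internal", "13.1-49.13", "standard"),
    ("adc-03.example.internal", "13.1-37.159", "fips"),
    ("adc-04.example.internal", "13.1-5.20", "standard"),
    ("gw-01.example.internal", "12.1-65.25", "standard"),
    ("gw-02.example.internal", "13.0-91.13", "standard"),
]

if __name__ == "__main__":
    for host, version, status in needs_action(SAMPLE):
        print(f"{host}\t{version}\t{status}")
```

The edition matters: 13.1-37.159 is the fixed build for 13.1-FIPS but is below the fixed build for standard 13.1.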


Vulnerability Identifier


Source


Related Link

