Citrix zero-day vulnerability under attack

By

NetScalar appliances affected.

Users of Citrix’s NetScaler ADC and NetScaler Gateway (formerly Citrix ADC and Citrix Gateway respectively) appliances should patch as soon as possible, with the vendor announcing a zero-day vulnerability that is under exploitation.

Citrix zero-day vulnerability under attack

The vulnerabilities only affect customer-managed appliances; Citrix-provided cloud services or Adaptive Authentication services are not affected.

In its advisory, Citrix noted that the most serious vulnerability is CVE-2023-3519, which can be exploited by an unauthenticated attacker to get remote code execution. 

To be vulnerable, the advisory stated, the appliance has to be configured “as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy); or as an AAA virtual server”.

“Exploits of CVE-2023-3519 on unmitigated appliances have been observed”, the advisory stated.

The affected product versions are as follows: NetScaler ADC and NetScaler Gateway 13.1 before 13.1-49.13; NetScaler ADC and NetScaler Gateway 13.0 before 13.0-91.13; NetScaler ADC 13.1-FIPS before 13.1-37.159; NetScaler ADC 12.1-FIPS before 12.1-55.297; and NetScaler ADC 12.1-NDcPP before 12.1-55.297.

NetScaler ADC and Gateway 12.1 is vulnerable, but is end-of-life and won’t be patched.

The other two vulnerabilities are CVE-2023-3466, a reflected cross-site scripting vulnerable that’s only exploitable with victim interaction; and CVE-2023-3467, a privilege escalation bug.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Log In

  |  Forgot your password?