Article Details
Scrape Timestamp (UTC): 2023-10-10 15:57:51.494
Original Article Text
Click to Toggle View
New critical Citrix NetScaler flaw exposes 'sensitive' data. Citrix NetScaler ADC and NetScaler Gateway are impacted by a critical severity flaw that allows the disclosure of sensitive information from vulnerable appliances. The flaw is tracked as CVE-2023-4966 and has received a CVSS rating of 9.4, being remotely exploitable without requiring high privileges, user interaction, or high complexity. However, there's the prerequisite of the appliance to be configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or an AAA virtual server for it to be vulnerable to attacks. While the flaw's exploitation can lead to "sensitive information disclosure," the vendor has not provided any details about what information is exposed. A second vulnerability disclosed in the same bulletin is CVE-2023-4967, a high-severity (CVSS score: 8.2) flaw carrying the same prerequisites, which can potentially cause denial of service (DoS) on vulnerable devices. The affected versions of Citrix products are: The recommended action is to upgrade to a fixed version that implements security updates addressing the two flaws. Citrix has provided no mitigation tips or workarounds this time. "Cloud Software Group strongly urges affected customers of NetScaler ADC and NetScaler Gateway to install the relevant updated versions of NetScaler ADC and NetScaler Gateway as soon as possible," reads Citrix's security bulletin. The target versions to upgrade to are: It is noted that version 12.1 has reached its end of life (EOL) date and will no longer be supported by Citrix. Hence, users are recommended to upgrade to a newer, actively supported release. Critical-severity flaws in Citrix products are highly sought-after by hackers, as large organizations with valuable assets use these devices. A recent example of such exploitation is CVE-2023-3519, a critical remote code execution flaw Citrix fixed as a zero-day in July 2023. This flaw is currently under active exploitation by numerous cybercriminals who leverage the available exploits for planting backdoors and stealing credentials.
Daily Brief Summary
A critical severity flaw impacting Citrix NetScaler ADC and NetScaler Gateway could allow the disclosure of sensitive information from vulnerable appliances.
The flaw, tracked as CVE-2023-4966, has a CVSS rating of 9.4 and is remotely exploitable without requiring high privileges or user interaction.
A second disclosed vulnerability, CVE-2023-4967, is a high-severity flaw that can cause denial of service on vulnerable devices.
The affected appliances must be configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or an AAA virtual server to be susceptible to attacks.
Citrix recommends upgrading to fixed versions implementing the security updates for the mentioned flaws, without providing any mitigation tips or workarounds.
Critical-severity flaws in Citrix products are sought-after by hackers due to the large organizations with valuable assets that use these devices. In July 2023, a critical remote code execution flaw Citrix fixed as a zero-day was exploited by cybercriminals for planting backdoors and stealing credentials.