Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-4967: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-4966 and CVE-2023-4967

Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA Virtual Server

CVE
#vulnerability#web#dos#auth

CTX579459

{{tooltipText}}

Security Bulletin | Severity: Critical | {{likeCount}} found this helpful | Created: {{articleFormattedCreatedDate}} | Modified: {{articleFormattedModifiedDate}} | Status: Final

Description of Problem

Multiple vulnerabilities have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway).

Affected Versions:

The following supported versions of NetScaler ADC and NetScaler Gateway are affected by the vulnerabilities:

  • NetScaler ADC and NetScaler Gateway 14.1 before 14.1-8.50
  • NetScaler ADC and NetScaler Gateway 13.1 before 13.1-49.15
  • NetScaler ADC and NetScaler Gateway 13.0 before 13.0-92.19
  • NetScaler ADC 13.1-FIPS before 13.1-37.164
  • NetScaler ADC 12.1-FIPS before 12.1-55.300
  • NetScaler ADC 12.1-NDcPP before 12.1-55.300

Note: NetScaler ADC and NetScaler Gateway version 12.1 is now End-of-Life (EOL) and is vulnerable.

This bulletin only applies to customer-managed NetScaler ADC and NetScaler Gateway products. Customers using Citrix-managed cloud services or Citrix-managed Adaptive Authentication do not need to take any action.

Summary:

NetScaler ADC and NetScaler Gateway contain unauthenticated buffer-related vulnerabilities mentioned below

CVE ID

Description

Pre-requisites

CWE

CVSS

CVE-2023-4966

Sensitive information disclosure

Appliance must be configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

Improper Restriction of Operations within the Bounds of a Memory BufferCWE-119

9.4

CVE-2023-4967

Denial of service

Appliance must be configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

Improper Restriction of Operations within the Bounds of a Memory BufferCWE-119

8.2

Mitigating Factors

None.

What Customers Should Do

Exploits of CVE-2023-4966 on unmitigated appliances have been observed. Cloud Software Group strongly urges customers of NetScaler ADC and NetScaler Gateway to install the relevant updated versions of NetScaler ADC and NetScaler Gateway as soon as possible:

  • NetScaler ADC and NetScaler Gateway 14.1-8.50 and later releases
  • NetScaler ADC and NetScaler Gateway  13.1-49.15 and later releases of 13.1
  • NetScaler ADC and NetScaler Gateway 13.0-92.19 and later releases of 13.0
  • NetScaler ADC 13.1-FIPS 13.1-37.164 and later releases of 13.1-FIPS
  • NetScaler ADC 12.1-FIPS 12.1-55.300 and later releases of 12.1-FIPS
  • NetScaler ADC 12.1-NDcPP 12.1-55.300 and later releases of 12.1-NDcPP

Note: NetScaler ADC and NetScaler Gateway version 12.1 is now End-of-Life (EOL). Customers are recommended to upgrade their appliances to one of the supported versions that address the vulnerabilities.

Cloud Software Group has also published a related blog at https://www.netscaler.com/blog/news/cve-2023-4966-critical-security-update-now-available-for-netscaler-adc-and-netscaler-gateway/ which contains a further context.

What Citrix is Doing

Citrix is notifying customers and channel partners about this potential security issue through the publication of this security bulletin on the Citrix Knowledge Center at https://support.citrix.com/securitybulletins.

Obtaining Support on This Issue

If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at https://www.citrix.com/support/open-a-support-case.

Subscribe to Receive Alerts

Citrix strongly recommends that all customers subscribe to receive alerts when a Citrix security bulletin is created or modified at https://support.citrix.com/user/alerts.

Reporting Security Vulnerabilities to Citrix

Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For details on our vulnerability response process and guidance on how to report security-related issues to Citrix, please see the following webpage: https://www.citrix.com/about/trust-center/vulnerability-process.html.

Disclaimer

This document is provided on an “as is” basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document is at your own risk. Citrix reserves the right to change or update this document at any time. Customers are therefore recommended to always view the latest version of this document directly from the Citrix Knowledge Center.

Changelog

2023-10-10 T 16:00:00Z

Initial Publication

2023-10-17 T 16:00:00Z

Inclusion of information related to the exploitation of CVE-2023-4966

2023-10-23 T 16:00:00Z

Inclusion of a link to the Cloud Software Group blog post about CVE-2023-4966

Related news

LockBit Affiliate Sentenced to 4 Years in Canada, Faces Extradition

By Deeba Ahmed Mikhail Vasiliev, a Russian-Canadian citizen faces four years in a Canadian prison and is likely to be extradited to the US after completing his sentence. This is a post from HackRead.com Read the original post: LockBit Affiliate Sentenced to 4 Years in Canada, Faces Extradition

Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!

Citrix is warning of two zero-day security vulnerabilities in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that are being actively exploited in the wild. The flaws are listed below - CVE-2023-6548 (CVSS score: 5.5) - Authenticated (low privileged) remote code execution on Management Interface (requires access to NSIP, CLIP, or SNIP with management

Xfinity Rocked with Data Breach Impacting 36 Million Users

By Deeba Ahmed The latest Xfinity data breach is linked to the critical Citrix Bleed vulnerability. This is a post from HackRead.com Read the original post: Xfinity Rocked with Data Breach Impacting 36 Million Users

Citrix Bleed widely exploitated, warn government agencies

Citrix Bleed is being actively exploited by at least six cybercrime groups.

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Multiple threat actors, including LockBit ransomware affiliates, are actively exploiting a recently disclosed critical security flaw in Citrix NetScaler application delivery control (ADC) and Gateway appliances to obtain initial access to target environments. The joint advisory comes from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI),

Lockbit Ransomware Leaks Boeing Data Trove

By Deeba Ahmed Earlier, Boeing acknowledged a cyberattack amidst claims by the Lockbit ransomware gang of breaching its security and stealing data. This is a post from HackRead.com Read the original post: Lockbit Ransomware Leaks Boeing Data Trove

World’s Largest Bank ICBC Discloses Crippling Ransomware Attack

By Deeba Ahmed Reportedly, it was a ransomware attack orchestrated by the notorious LockBit gang. This is a post from HackRead.com Read the original post: World’s Largest Bank ICBC Discloses Crippling Ransomware Attack

October 2023: back to Positive Technologies, Vulristics updates, Linux Patch Wednesday, Microsoft Patch Tuesday, PhysTech VM lecture

Hello everyone! October was an interesting and busy month for me. I started a new job, worked on my open source Vulristics project, and analyzed vulnerabilities using it. Especially Linux vulnerabilities as part of my new Linux Patch Wednesday project. And, of course, analyzed Microsoft Patch Tuesday as well. In addition, at the end of […]

You’d be surprised to know what devices are still using Windows CE

The Arid Viper threat actor is actively trying to install spyware on targeted devices in the Middle East, using fake dating apps as lures.

Mandiant Tracks Four Uncategorized Groups Exploiting Citrix Vulnerability

By Waqas Mandiant Investigates Zero-Day Exploitation in Citrix Vulnerability, CVE-2023-4966. This is a post from HackRead.com Read the original post: Mandiant Tracks Four Uncategorized Groups Exploiting Citrix Vulnerability

As Citrix Urges Its Clients to Patch, Researchers Release an Exploit

In the race over Citrix's latest vulnerability, the bad guys have a huge head start, with broad implications for businesses and critical infrastructure providers worldwide.

Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities

Virtualization services provider VMware has alerted customers to the existence of a proof-of-concept (PoC) exploit for a recently patched security flaw in Aria Operations for Logs. Tracked as CVE-2023-34051 (CVSS score: 8.1), the high-severity vulnerability relates to a case of authentication bypass that could lead to remote code execution. "An unauthenticated, malicious actor can inject files

Critical Citrix Bug Exploited as a Zero-Day, 'Patching Is Not Enough'

The latest threat to Citrix NetScaler, CVE-2023-4966, was exploited as a zero-day bug for months before a patch was issued. Researchers expect exploitation efforts to surge.

Critical Citrix NetScaler Flaw Exploited to Target from Government, Tech Firms

Citrix is warning of exploitation of a recently disclosed critical security flaw in NetScaler ADC and Gateway appliances that could result in exposure of sensitive information. Tracked as CVE-2023-4966 (CVSS score: 9.4), the vulnerability impacts the following supported versions - NetScaler ADC and NetScaler Gateway 14.1 before 14.1-8.50 NetScaler ADC and NetScaler Gateway 13.1 before

CVE-2023-4966: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-4966 and CVE-2023-4967

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server. 

CVE-2023-4966: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-4966 and CVE-2023-4967

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server. 

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907