Citrix Discovers 2 Vulnerabilities, Both Exploited in the Wild

  /     /     /  
Publicated : 23/11/2024   Category : security


Citrix Discovers 2 Vulnerabilities, Both Exploited in the Wild


These vulnerabilities are the second and third for Citrix but are not expected to be as detrimental as CitrixBleed.



Two vulnerabilities have been found in NetScaler ADC and NetScaler Gateway, formerly known as Citrix ADC and Citrix Gateway, and are affecting six supported versions.
Tracked as CVE-2023-6548, this vulnerability needs access to NSIP, CLIP, or SNIP with management interface access, where, if gaining these privileges, a threat actor could authenticate remote code execution on the appliances management interface. This vulnerability is rated a medium severity CVSS score of 5.5 on a 10-point scale. The second vulnerability, CVE-2023-6549, is a denial-of-service (DoS) issue, and the device must have an AAA virtual server or be configured as a gateway; it has been given a high severity CVSS rating of 8.2. Both of these flaws have been exploited in the wild, but no details have been shared from Citrix at this point.
Citrix has recommended that to combat CVE-2023-6548, which impacts management interfaces, network traffic to the appliances management interface [should be] separated, either physically or logically, from normal network traffic. In addition, we recommend that you do not expose the management interface to the Internet.
Because exploitation of these appliances has occurred, Cloud Software Group recommends that affected customers install the updated versions of these interfaces for the affected appliances, including:
NetScaler ADC and NetScaler Gateway 14.1-12.35 and later releases
NetScaler ADC and NetScaler Gateway  13.1-51.15 and later releases of 13.1
NetScaler ADC and NetScaler Gateway 13.0-92.21 and later releases of 13.0  
NetScaler ADC 13.1-FIPS 13.1-37.176 and later releases of 13.1-FIPS  
NetScaler ADC 12.1-FIPS 12.1-55.302 and later releases of 12.1-FIPS  
NetScaler ADC 12.1-NDcPP 12.1-55.302 and later releases of 12.1-NDcPP 
Just last month,
Citrix patched a critical flaw

CVE-2023-4966
 (coined
CitrixBleed)
, that was heavily exploited by threat actors, but
according to Tenable researchers
, these two new vulnerabilities wont have as significant of an impact. Still, users should
mitigate and apply patches
to their networks as soon as they can.
Citrix reports that it is alerting customers and channel partners about any potential issues that may arise due to these vulnerabilities through its bulletin in its Citrix Knowledge Center on its website. Should customers need support or assistance, they can reach out to
Citrix technical support
.

Last News

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Citrix Discovers 2 Vulnerabilities, Both Exploited in the Wild