Carding 4 Carders
Professional
- Messages
- 2,730
- Reaction score
- 1,467
- Points
- 113
New vulnerabilities can lead to DoS and expose information on vulnerable devices.
Citrix's NetScaler ADC and NetScaler Gateway products are subject to a pair of new critical vulnerabilities that can expose sensitive information on vulnerable devices and lead to Denial of Service (DoS) attacks.
The first vulnerability leading to information disclosure is registered under the identifier CVE-2023-4966 with a CVSS rating of 9.4. It can be applied remotely without elevated privileges or complex interaction.
However, there is a certain condition for operation. For a device to be vulnerable, it must be configured as a gateway (VPN virtual server, ICA proxy, CVPN, RDP proxy) or AAA virtual server.
While exploiting this error may result in "confidential information disclosure," the vendor did not provide any details about what information is being disclosed.
The second vulnerability disclosed in the same security bulletin is CVE-2023-4967, a high-severity vulnerability (CVSS score 8.2) that requires the same prerequisites as the previous vulnerability. CVE-2023-4967 can potentially cause denial of service on vulnerable devices.
Affected versions of Citrix products are:
Citrix recommends updating the software to the latest protected versions. This time, the company did not provide recommendations on mitigating the threat or workarounds for protection.
It is also noted that the version of Citrix products 12.1 has reached the end of support date, so all users are recommended to upgrade to the latest, actively supported version.
Critical flaws in Citrix products are highly sought after by hackers, as these products are exploited by large organizations with valuable assets.
A recent example of such use is CVE-2023-3519, a critical remote code execution vulnerability that Citrix patched in July of this year, but is still actively exploited by cybercriminals against customers with outdated software versions.
Citrix's NetScaler ADC and NetScaler Gateway products are subject to a pair of new critical vulnerabilities that can expose sensitive information on vulnerable devices and lead to Denial of Service (DoS) attacks.
The first vulnerability leading to information disclosure is registered under the identifier CVE-2023-4966 with a CVSS rating of 9.4. It can be applied remotely without elevated privileges or complex interaction.
However, there is a certain condition for operation. For a device to be vulnerable, it must be configured as a gateway (VPN virtual server, ICA proxy, CVPN, RDP proxy) or AAA virtual server.
While exploiting this error may result in "confidential information disclosure," the vendor did not provide any details about what information is being disclosed.
The second vulnerability disclosed in the same security bulletin is CVE-2023-4967, a high-severity vulnerability (CVSS score 8.2) that requires the same prerequisites as the previous vulnerability. CVE-2023-4967 can potentially cause denial of service on vulnerable devices.
Affected versions of Citrix products are:
- NetScaler ADC and NetScaler Gateway 14.1 up to version 14.1-8.50
- NetScaler ADC and NetScaler Gateway 13.1 up to version 13.1-49.15
- NetScaler ADC and NetScaler Gateway 13.0 up to version 13.0-92.19
- NetScaler ADC 13.1-FIPS up to version 13.1-37.164
- NetScaler ADC 12.1-FIPS up to version 12.1-55.300
- NetScaler ADC 12.1-NDcPP up to version 12.1-55.300
Citrix recommends updating the software to the latest protected versions. This time, the company did not provide recommendations on mitigating the threat or workarounds for protection.
It is also noted that the version of Citrix products 12.1 has reached the end of support date, so all users are recommended to upgrade to the latest, actively supported version.
Critical flaws in Citrix products are highly sought after by hackers, as these products are exploited by large organizations with valuable assets.
A recent example of such use is CVE-2023-3519, a critical remote code execution vulnerability that Citrix patched in July of this year, but is still actively exploited by cybercriminals against customers with outdated software versions.
