Critical and High Vulnerabilities in Citrix ADC and Citrix Gateway (CVE-2023-3519, CVE-2023-3466, CVE-2023-3467)

Home/BOTNET, Compromised, Data Breach, Evilproxy, Exploitation, Internet Security, Mobile Security, Security Advisory, Security Update/Critical and High Vulnerabilities in Citrix ADC and Citrix Gateway (CVE-2023-3519, CVE-2023-3466, CVE-2023-3467)

Critical and High Vulnerabilities in Citrix ADC and Citrix Gateway (CVE-2023-3519, CVE-2023-3466, CVE-2023-3467)

Citrix ADC and Citrix Gateway, renowned for their role in facilitating secure application delivery and remote access solutions, have unfortunately been discovered to possess critical vulnerabilities.

These vulnerabilities present substantial risks, such as privilege escalation and remote code execution, which demand urgent attention from affected customers.

Numerous vulnerabilities spanning across multiple versions of Citrix ADC and Citrix Gateway have recently come to light, highlighting significant security concerns.

Critical and High Vulnerabilities in Citrix ADC and Citrix Gateway

CVE-2023-3466 is a critical vulnerability known as Reflected Cross-Site Scripting (XSS).

This vulnerability specifically targets users who access an attacker-controlled link through their web browser while connected to a network that has NSIP connectivity. Exploiting this vulnerability enables the execution of malicious scripts through Reflected Cross-Site Scripting, potentially leading to unauthorized actions.

The vendor has stated that exploiting this vulnerability requires a relatively low level of technical expertise. Moreover, it can have a severe impact on the Confidentiality, Availability, and Integrity of targeted systems.

Given its severity, this vulnerability has been assigned a rating of 8.3 (High).

Immediate attention and remedial measures are strongly advised to mitigate the risks associated with this vulnerability.

CVE-2023-3467 is a significant vulnerability that enables privilege escalation to the root administrator (nsroot) level.

In this vulnerability, if an authenticated user gains access to NSIP or SNIP with management interface privileges, they can elevate their privileges to the highest level, gaining full administrative control over the system.

Although exploiting this vulnerability requires low-level access to the targeted system, the vendor has stated that the impact on confidentiality is extremely high, emphasizing the seriousness of the issue.

This vulnerability has been assigned a severity rating of 8 (High).

It is crucial to address this vulnerability promptly and implement necessary security measures to mitigate potential risks.


CVE-2023-3519 is a very serious vulnerability known as Unauthenticated Remote Code Execution.

In this critical vulnerability, attackers who are not authenticated can remotely execute any code they choose on the affected appliance. This vulnerability can be exploited when the appliance is set up as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

This vulnerability is considered the most severe in the vendor’s announcement. The attacker can access the targeted system over a network connection without needing any privileges or user interaction.

The severity rating for this vulnerability is 9.8 (Critical).

It is crucial to address this vulnerability immediately and implement the necessary security measures to prevent potential risks.

The following versions of Citrix ADC and Citrix Gateway are affected by the vulnerabilities:

Citrix ADC Versions:

  • Versions 13.1 before 13.1-49.13
  • Versions 13.0 before 13.0-91.13
  • Versions 13.1-FIPS before 13.1-37.159
  • Versions 12.1-FIPS before 12.1-65.36
  • Versions 12.1-NDcPP before 12.65.36

Citrix Gateway Versions:

  • Versions 13.1 before 13.1-49.13
  • Versions 13.0 before 13.0-91.13
  • Versions 13.1-FIPS before 13.1-37.159
  • Versions 12.1-FIPS before 12.1-65.36
  • Versions 12.1-NDcPP before 12.65.36

If you are using any of the mentioned versions, it is important to take immediate action to secure your systems against the vulnerabilities.

Recommendation

  1. Update your Citrix ADC and Citrix Gateway: Make sure to install the latest releases that specifically address these vulnerabilities. This will help protect your systems from potential exploits.
  2. Upgrade from older versions: If you are using NetScaler ADC and NetScaler Gateway version 12.1, which is no longer supported, it is highly recommended to upgrade to newer and supported versions. This ensures ongoing security updates and support.
  3. Stay informed: Stay updated on future updates and security bulletins by subscribing to Citrix’s notifications. This way, you will receive timely information about any new vulnerabilities or patches that may affect your systems.
  4. Seek technical assistance: If you need further technical assistance or have specific questions related to the vulnerabilities, reach out to Citrix Technical Support. You can find contact details on the Citrix Support page for getting the necessary help

‍Follow Us on: Twitter, InstagramFacebook to get the latest security news!

Post Views: 230
By | 2023-07-26T07:44:37+05:30 July 19th, 2023|BOTNET, Compromised, Data Breach, Evilproxy, Exploitation, Internet Security, Mobile Security, Security Advisory, Security Update|

About the Author:

FirstHackersNews- Identifies Security

Related Posts

Leave A Comment

Subscribe to our newsletter to receive security tips everday!