Vulnerability in Citrix NetScaler ADC & Gateway Allows Attackers to Remotely Access Sensitive Data

A security vulnerability has been identified in Citrix NetScaler ADC and Gateway appliances, allowing remote attackers to access sensitive data without authentication. This flaw, known as an out-of-bounds memory read issue, affects software versions up to 13.1-50.23 and has been compared to the previously known CitrixBleed vulnerability, though it is considered less serious in terms of the exposed data’s sensitivity, as per Bishop Fox’s advisory.

The vulnerability specifically impacts NetScaler devices configured as gateways or for authentication, authorization, and auditing (AAA) services, commonly used in enterprise environments for secure remote access and traffic management. Attackers can exploit the system by sending specially crafted requests to the vulnerable interface, potentially leaking information such as credentials and session tokens in HTTP request bodies.

The flaw arises from improper handling of the HTTP host request header, causing memory management issues and unintended data disclosure when handling excessively long header values. Bishop Fox confirmed that NetScaler ADC and Gateway products were vulnerable to unauthenticated out-of-bounds memory reads, exploiting the vulnerability to capture sensitive information from the device’s process memory, including HTTP request bodies.

Citrix has acknowledged the vulnerability and released updates to address the issue. Versions 13.1-51.15 and later contain fixes for this security flaw. It is strongly recommended that all users of affected versions update their systems promptly to prevent potential exploitation, as active attacks exploiting this vulnerability have been observed in the wild.

This vulnerability underscores the challenges of protecting network devices against advanced cyber threats. Citrix NetScaler ADC and Gateway users are advised to review their systems and apply necessary updates promptly to safeguard their networks against data breaches and unauthorized access attempts. Organizations using older software versions that are now end-of-life must upgrade to supported versions to address this vulnerability and maintain overall system security and compliance with current standards.

To assist in securing against potential attacks, secure your network today through the following link: Download Free Guide

Additionally, the On-Demand Webinar to Secure the Top 3 SME Attack Vectors offers valuable insights for mitigating threats in SMEs: Watch for Free

Article Source
https://gbhackers.com/citrix-netscaler-adc-gateway-flaw/