Two vulnerabilities discovered by Citrix, both actively exploited

Two vulnerabilities discovered by Citrix, both actively exploited



Two vulnerabilities have been discovered in NetScaler ADC and NetScaler Gateway, previously known as Citrix ADC and Citrix Gateway, impacting six supported versions. The first vulnerability, CVE-2023-6548, requires access to NSIP, CLIP, or SNIP with access to the management interface, allowing threat actors to authenticate remote code execution on the device. The severity of this vulnerability is rated at 5.5 out of 10. The second vulnerability, CVE-2023-6549, is a denial of service (DoS) issue affecting devices with an AAA virtual server or configured as a gateway, with a high severity rating of 8.2. These flaws have been exploited in the wild, but Citrix has not disclosed further details at this time.

To address CVE-2023-6548, Citrix recommends separating network traffic to the device’s management interface from normal network traffic, either physically or logically, and avoiding exposure of the management interface to the internet. Cloud Software Group advises affected customers to install updated versions for affected devices, such as NetScaler ADC and NetScaler Gateway 14.1-12.35 and later, NetScaler ADC and NetScaler Gateway 13.1-51.15 and later, NetScaler ADC and NetScaler Gateway 13.0-92.21 and later, NetScaler ADC 13.1-FIPS 13.1-37.176 and later, NetScaler ADC 12.1-FIPS 12.1-55.302 and later, and NetScaler ADC 12.1-NDcPP 12.1-55.302 and later.

In the previous month, Citrix addressed a critical flaw, CVE-2023-4966 (known as Citrix (bleed)), which was extensively exploited by threat actors. However, Tenable researchers believe that these two new vulnerabilities will not have as significant of an impact. It is essential for users to take the necessary steps to mitigate and patch their networks promptly.

Citrix is actively informing its customers and channel partners about potential issues related to these vulnerabilities through its newsletter in the Citrix Knowledge Center on its website. Customers requiring support or assistance can reach out to Citrix technical support for help. It is crucial for organizations using NetScaler ADC and NetScaler Gateway to take these vulnerabilities seriously and take appropriate actions to secure their systems.

Article Source
https://www.darkreading.com/vulnerabilities-threats/citrix-discovers-two-vulnerabilities-both-exploited-in-the-wild