CVE-2023-4966

high

Description

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

From the Tenable Blog

CVE-2023-4966: Citrix NetScaler ADC and NetScaler Gateway Information Disclosure Exploited in the Wild
CVE-2023-4966: Citrix NetScaler ADC and NetScaler Gateway Information Disclosure Exploited in the Wild

Published: 2023-10-18

A critical information disclosure vulnerability in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway has been exploited in the wild as a zero-day vulnerability. Organizations are urged to patch immediately.

Frequently Asked Questions for CitrixBleed (CVE-2023-4966)
Frequently Asked Questions for CitrixBleed (CVE-2023-4966)

Published: 2023-11-20

Frequently asked questions relating to a critical vulnerability in Citrix NetScaler that has been under active exploitation for over a month, including by ransomware groups.

CVE-2023-4966 (CitrixBleed): Invalidate Active or Persistent Sessions To Prevent Further Compromise
CVE-2023-4966 (CitrixBleed): Invalidate Active or Persistent Sessions To Prevent Further Compromise

Published: 2023-12-06

Patching CitrixBleed isn’t enough; organizations need to invalidate active or persistent session tokens as the these tokens can be used to compromise networks and bypass authentication measures including multifactor authentication

References

http://packetstormsecurity.com/files/175323/Citrix-Bleed-Session-Token-Leakage-Proof-Of-Concept.html

https://support.citrix.com/article/CTX579459

Details

Source: Mitre, NVD

Published: 2023-10-10

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High