Security News > 2023 > October > New critical Citrix NetScaler flaw exposes 'sensitive' data

New critical Citrix NetScaler flaw exposes 'sensitive' data
2023-10-10 15:53

Citrix NetScaler ADC and NetScaler Gateway are impacted by a critical severity flaw that allows the disclosure of sensitive information from vulnerable appliances.

"Cloud Software Group strongly urges affected customers of NetScaler ADC and NetScaler Gateway to install the relevant updated versions of NetScaler ADC and NetScaler Gateway as soon as possible," reads Citrix's security bulletin.

A recent example of such exploitation is CVE-2023-3519, a critical remote code execution flaw Citrix fixed as a zero-day in July 2023.

Attacks on Citrix NetScaler systems linked to ransomware actor.

Almost 2,000 Citrix NetScaler servers backdoored in hacking campaign.

Hackers hijack Citrix NetScaler login pages to steal credentials.


News URL

https://www.bleepingcomputer.com/news/security/new-critical-citrix-netscaler-flaw-exposes-sensitive-data/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-07-19 CVE-2023-3519 Code Injection vulnerability in Citrix products
Unauthenticated remote code execution
network
low complexity
citrix CWE-94
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Citrix 117 20 177 76 63 336