Vulnerabilities > CVE-2023-4966 - Unspecified vulnerability in Citrix products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server.
Vulnerable Configurations
Related news
- Recently patched Citrix NetScaler bug exploited as zero-day since August (source)
- Critical Citrix NetScaler Flaw Exploited to Target from Government, Tech Firms (source)
- Citrix NetScaler bug exploited in the wild since August (CVE-2023-4966) (source)
- Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately (source)
- Citrix urges 'immediate; patch for critical NetScaler bug as exploit POC made public (source)
- Citrix Bleed exploit lets hackers hijack NetScaler accounts (source)
- Citrix Bleed: Mass exploitation in progress (CVE-2023-4966) (source)
- 'Mass exploitation' of Citrix Bleed underway as ransomware crews pile in (source)
- Hackers use Citrix Bleed flaw in attacks on govt networks worldwide (source)
- LockBit ransomware exploits Citrix Bleed in attacks, 10K servers exposed (source)
- Citrix warns admins to kill NetScaler user sessions to block hackers (source)
- How LockBit used Citrix Bleed to breach Boeing and other targets (source)
- Week in review: LockBit exploits Citrix Bleed, Apache ActiveMQ bug exploited for cryptojacking (source)
- US Health Dept urges hospitals to patch critical Citrix Bleed bug (source)
- Citrix Bleed leveraged to steal data of 35+ million Comcast Xfinity customers (source)
- Citrix warns of new Netscaler zero-days exploited in attacks (source)