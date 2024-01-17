Citrix has issued a warning about two zero-day vulnerabilities in NetScaler ADC and NetScaler Gateway (formerly Citrix ADC and Citrix Gateway). Citrix reports that exploitation of both flaws has been observed against unmitigated appliances, so customers should treat them as actively exploited rather than theoretical.

The first vulnerability, CVE-2023-6548, is an authenticated remote code execution flaw in the management interface. An attacker needs low-privilege credentials on the appliance and network reachability to the NSIP (the NetScaler management IP), the CLIP (cluster IP), or a SNIP (subnet IP) on which management access is enabled. Because of those preconditions its CVSS score is a moderate 5.5 out of 10, but the impact of a successful exploit is full code execution on the appliance's management plane.

The second vulnerability, CVE-2023-6549, is a denial-of-service flaw. It affects NetScaler ADC and Gateway appliances that are configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an authentication, authorization and accounting (AAA) virtual server, which is exactly the role that is normally exposed to the internet. It carries a higher CVSS score of 8.2 out of 10.

The impacted versions of NetScaler ADC and Gateway are listed below; the build after "before" is the first fixed build for that release line, and later builds on the same line are also fixed:

– NetScaler ADC and Gateway 14.1 before 14.1-12.35

– NetScaler ADC and Gateway 13.1 before 13.1-51.15

– NetScaler ADC and Gateway 13.0 before 13.0-92.21

– NetScaler ADC and Gateway version 12.1 (end-of-life; every standard 12.1 build is affected and no fix will be issued for it)

– NetScaler ADC 13.1-FIPS before 13.1-37.176

– NetScaler ADC 12.1-FIPS before 12.1-55.302

– NetScaler ADC 12.1-NDcPP before 12.1-55.302
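The version table above is easy to misread by hand, because a build string such as `14.1-8.50` sorts after `13.1-51.15` as text but is older than the `14.1-12.35` fix, and because the FIPS and NDcPP lines have their own fixed builds. The following Python script is an added example, not code from the article or from Citrix: it encodes the table as published and checks whether a `show version` banner (or the short `release-build` form) is below the fixed build for its release line. The `platform` argument (`standard`, `fips`, `ndcpp`) is an assumption of this script; the build string alone does not reliably identify a FIPS or NDcPP appliance, so the operator supplies it. The banners in the sample inventory are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# First fixed build per (platform, release), as listed in the Citrix advisory
# for CVE-2023-6548 / CVE-2023-6549. None means the release line is end-of-life
# and has no fixed build at all.
FIXED_BUILDS = {
    ("standard", "14.1"): (12, 35),
    ("standard", "13.1"): (51, 15),
    ("standard", "13.0"): (92, 21),
    ("standard", "12.1"): None,      # EOL: every standard 12.1 build is affected
    ("fips", "13.1"): (37, 176),
    ("fips", "12.1"): (55, 302),
    ("ndcpp", "12.1"): (55, 302),
}

# Accepts both the "show version" banner, e.g.
#   "NetScaler NS13.1: Build 51.15.nc, Date: ..."
# and the short form used in the advisory, e.g. "13.1-51.15".
_VERSION_RE = re.compile(
    r"(?:NS)?(?P<release>\d+\.\d+)(?:[:\s]+Build\s+|-)(?P<major>\d+)\.(?P<minor>\d+)"
)


@dataclass(frozen=True)
class NSVersion:
    release: str                 # e.g. "13.1"
    build: Tuple[int, int]       # e.g. (51, 15); compared numerically, not as text


def parse_version(text: str) -> NSVersion:
    """Extract release line and build number from a banner or short version string."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no NetScaler version found in: {text!r}")
    return NSVersion(m.group("release"), (int(m.group("major")), int(m.group("minor"))))


def is_affected(text: str, platform: str = "standard") -> bool:
    """True when the build is below the fixed build for its release line.

    The platform ('standard', 'fips', 'ndcpp') must be supplied by the operator;
    this is an assumption of the script, not something the version string encodes.
    """
    v = parse_version(text)
    key = (platform, v.release)
    if key not in FIXED_BUILDS:
        raise ValueError(
            f"release {v.release} on platform {platform!r} is not in the advisory table"
        )
    fixed: Optional[Tuple[int, int]] = FIXED_BUILDS[key]
    if fixed is None:            # end-of-life line: affected regardless of build
        return True
    return v.build < fixed       # tuple comparison: (8, 50) < (12, 35) is True


# Constructed inventory for illustration: (hostname, platform, "show version" banner).
SAMPLE_INVENTORY = [
    ("adc-edge-01", "standard", "NetScaler NS13.1: Build 51.15.nc, Date: Jan 10 2024, 17:18:32   (64-bit)"),
    ("adc-edge-02", "standard", "NetScaler NS14.1: Build 8.50.nc, Date: Sep 5 2023, 12:00:00   (64-bit)"),
    ("adc-legacy-01", "standard", "NetScaler NS12.1: Build 65.39.nc, Date: Oct 2 2023, 09:30:00   (64-bit)"),
    ("adc-fips-01", "fips", "NetScaler NS12.1: Build 55.302.nc, Date: Jan 10 2024, 11:00:00   (64-bit)"),
]


def triage(inventory) -> List[str]:
    """Return the hostnames whose build is below the fixed build for their line."""
    return [host for host, platform, banner in inventory if is_affected(banner, platform)]


if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: AFFECTED, upgrade required")
```

Run against a real fleet, the inventory would come from `show version` on each appliance (or from your CMDB); the point of the script is that the comparison is per release line and numeric, so a newer major release is not assumed safe and a higher-numbered but older build is not mistaken for a fix.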

Citrix advises all customers to upgrade to one of the fixed builds listed above; there are no workarounds for either flaw, and customers still on the end-of-life 12.1 release must move to a supported release to receive a fix. Citrix additionally recommends not exposing the management interface to the internet and separating management traffic, physically or logically, from ordinary network traffic, which removes the network path CVE-2023-6548 depends on. A practical check is to confirm that no NSIP, CLIP, or management-enabled SNIP is reachable from untrusted networks.

These vulnerabilities follow earlier NetScaler flaws that were widely weaponized, most recently CVE-2023-4966 ("Citrix Bleed") in late 2023. The pattern underlines the importance of patching edge appliances promptly and tracking vendor advisories closely.

FAQs

What are the zero-day vulnerabilities in Citrix NetScaler ADC and Gateway?

The zero-day vulnerabilities in Citrix NetScaler ADC and Gateway are CVE-2023-6548, an authenticated remote code execution flaw in the management interface, and CVE-2023-6549, a denial-of-service flaw in appliances configured as a Gateway or AAA virtual server.

Which versions of NetScaler ADC and Gateway are impacted?

The impacted versions include NetScaler ADC and Gateway 14.1 before 14.1-12.35, 13.1 before 13.1-51.15, 13.0 before 13.0-92.21, all builds of the end-of-life 12.1 release, and the 13.1-FIPS, 12.1-FIPS, and 12.1-NDcPP lines below their respective fixed builds.

What should users do to mitigate the vulnerabilities?

All users should upgrade to a fixed build for their release line; users of the end-of-life 12.1 release must move to a supported release, since 12.1 will not receive a fix. It is also recommended not to expose the management interface to the internet and to separate management traffic from production traffic to minimize the risk of exploitation.

Sources:

– Citrix: [www.citrix.com](https://www.citrix.com)

– CVE-2023-6548: [cve.mitre.org](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6548)

– CVE-2023-6549: [cve.mitre.org](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6549)