Description:
Citrix published security advisories to address multiple vulnerabilities in Citrix products. An attacker could exploit these vulnerabilities by sending specially crafted requests to an affected system.
Reports indicate that multiple vulnerabilities (CVE-2023-6548 and CVE-2023-6549) in Citrix NetScaler ADC and Citrix NetScaler Gateway are being exploited in the wild. System administrators are advised to take immediate actions to patch your affected systems to mitigate the elevated risk of cyber attacks.
Affected Systems:
- Citrix NetScaler Application Delivery Controller (ADC) and Citrix NetScaler Gateway 14.1 prior to version 14.1-12.35
- Citrix NetScaler Application Delivery Controller (ADC) and Citrix NetScaler Gateway 13.1 prior to version 13.1-51.15
- Citrix NetScaler Application Delivery Controller (ADC) and Citrix NetScaler Gateway 13.0 prior to version 13.0-92.21
- Citrix NetScaler Application Delivery Controller (ADC) 13.1-FIPS prior to version 13.1-37.176
- Citrix NetScaler Application Delivery Controller (ADC) 12.1-FIPS prior to version 12.1-55.302
- Citrix NetScaler Application Delivery Controller (ADC) 12.1-NDcPP prior to version 12.1-55.302
- Citrix StoreFront prior to version 2311
- Citrix StoreFront prior to version 2308.1
- Citrix StoreFront 2203 LTSR prior to CU4 Update 1
- Citrix StoreFront 1912 LTSR prior to CU8 hotfix 3.22.8001.2
- Citrix Virtual Apps and Desktops prior to version 2311
- Citrix Virtual Apps and Desktops 2203 LTSR prior to CU4
- Citrix Virtual Apps and Desktops 1912 LTSR prior to CU8 hotfix 19.12.8100.4
Please note that Citrix NetScaler ADC and Citrix NetScaler Gateway version 12.1 has reached End-Of-Life (EOL). As version 12.1 is vulnerable with no patches provided, system administrators should arrange to upgrade the NetScaler ADC and NetScaler Gateway to supported versions or migrate to other supported technology.
Impact:
Successful exploitation of the vulnerabilities could lead to remote code execution, denial of service or spoofing on an affected system.
Recommendation:
Patches for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.
More Information:
- https://support.citrix.com/article/CTX583759
- https://support.citrix.com/article/CTX583930
- https://support.citrix.com/article/CTX584986
- https://www.hkcert.org/security-bulletin/citrix-products-multiple-vulnerabilities_20240117
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5914
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6184
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6548 (to CVE-2023-6549)