Description:
Citrix published security advisories to address multiple vulnerabilities in Citrix products. An attacker could exploit these vulnerabilities by sending specially crafted requests to an affected system.
Reports indicate that multiple vulnerabilities (CVE-2023-6548 and CVE-2023-6549) in Citrix NetScaler ADC and Citrix NetScaler Gateway are being exploited in the wild. System administrators are advised to take immediate actions to patch your affected systems to mitigate the elevated risk of cyber attacks.
Affected Systems:
Citrix NetScaler Application Delivery Controller (ADC) and Citrix NetScaler Gateway 14.1 prior to version 14.1-12.35
Citrix NetScaler Application Delivery Controller (ADC) and Citrix NetScaler Gateway 13.1 prior to version 13.1-51.15
Citrix NetScaler Application Delivery Controller (ADC) and Citrix NetScaler Gateway 13.0 prior to version 13.0-92.21
Citrix NetScaler Application Delivery Controller (ADC) 13.1-FIPS prior to version 13.1-37.176
Citrix NetScaler Application Delivery Controller (ADC) 12.1-FIPS prior to version 12.1-55.302
Citrix NetScaler Application Delivery Controller (ADC) 12.1-NDcPP prior to version 12.1-55.302
Citrix StoreFront prior to version 2311
Citrix StoreFront prior to version 2308.1
Citrix StoreFront 2203 LTSR prior to CU4 Update 1
Citrix StoreFront 1912 LTSR prior to CU8 hotfix 3.22.8001.2
Citrix Virtual Apps and Desktops prior to version 2311
Citrix Virtual Apps and Desktops 2203 LTSR prior to CU4
Citrix Virtual Apps and Desktops 1912 LTSR prior to CU8 hotfix 19.12.8100.4
Please note that Citrix NetScaler ADC and Citrix NetScaler Gateway version 12.1 has reached End-Of-Life (EOL). As version 12.1 is vulnerable with no patches provided, system administrators should arrange to upgrade the NetScaler ADC and NetScaler Gateway to supported versions or migrate to other supported technology.
Impact:
Support the originator by clicking the read the rest link below.
: Multiple Vulnerabilities in Citrix Product){kind=link}