QID 379265
Date Published: 2024-01-17
QID 379265: Citrix Application Delivery Controller (ADC) and Citrix Gateway Multiple Vulnerabilities (CTX584986)
Multiple vulnerabilities have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway).
CVE-2023-6548: Authenticated (low privileged) Remote Code Execution on Management Interface
CVE-2023-6549: Denial of Service
Affected Versions:
NetScaler ADC and NetScaler Gateway 14.1 before 14.1-12.35
NetScaler ADC and NetScaler Gateway 13.1 before 13.1-51.15
NetScaler ADC and NetScaler Gateway 13.0 before 13.0-92.21
And NetScaler ADC and NetScaler Gateway 12.1 Versions (End Of Life)
QID Detection Logic:
Authenticated:
This QID checks for vulnerable versions of Citrix ADC/Netscaler and whether Appliance is configured as a gateway.
Unauthenticated:
This QID checks for vulnerable versions of Citrix ADC/Netscaler by checking the version hash. The hash based check is added on the basis of the following Citrix Hashes.
Please note that we can only detect vulnerable citrix versions that have an existing md5 hash in the provided list. This QID also gets triggered if it detects vulnerable version via SNMP Banner.
Successful exploitation could lead to Remote Code Execution and/or Denial of Service.
Customers are advised to refer to CTX584986 for information pertaining to remediating this vulnerability.
CVEs related to QID 379265
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| CTX584986 |
support.citrix.com/article/CTX584986/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20236548-and-cve20236549 |