Citrix is warning that a critical security flaw in NetScaler Application Delivery Controller (ADC) and Gateway is being actively exploited in the wild, the company said.
Tracked as CVE-2023-3519 (CVSS score: 9.8), the issue is a case of code injection that could result in unauthorized remote code execution. It affects the following versions:
- NetScaler ADC and NetScaler Gateway 13.1 before 13.1-49.13
- NetScaler ADC and NetScaler Gateway 13.0 before 13.0-91.13
- NetScaler ADC and NetScaler Gateway version 12.1 (now end of life)
- NetScaler ADC 13.1-FIPS before 13.1-37.159
- NetScaler ADC 12.1-FIPS before 12.1-55.297, and
- NetScaler ADC 12.1-NDcPP before 12.1-55.297
The company did not provide further details about the flaw tied to CVE-2023-3519, other than saying that it has seen exploitation of this flaw on “unmitigated appliances.” However, for an exploit to be successful, the appliance must be configured as either a gateway (VPN virtual server, ICA proxy, CVPN, RDP proxy) or an authentication and accounting (AAA) virtual server.
Also addressed alongside CVE-2023-3519 are two other bugs:
- CVE-2023-3466 (CVSS Score: 8.3) – Improper input validation vulnerability allows reflected cross-site scripting (XSS) attacks.
- CVE-2023-3467 (CVSS Score: 8.0) – Improper privilege management vulnerability could lead to privilege escalation to root administrator (nsroot).
Wouter Rijkbost and Jorren Geurts of Resillion reported the bug. Patches that address the three flaws have been released in the versions below:
- NetScaler ADC and NetScaler Gateway 13.1-49.13 and later releases
- NetScaler ADC and NetScaler Gateway 13.0-91.13 and later releases of 13.0
- NetScaler ADC 13.1-FIPS 13.1-37.159 and later releases of 13.1-FIPS
- NetScaler ADC 12.1-FIPS 12.1-55.297 or later 12.1-FIPS releases, and
- NetScaler ADC 12.1-NDcPP 12.1-55.297 and later 12.1-NDcPP releases
NetScaler ADC and NetScaler Gateway version 12.1 customers are encouraged to upgrade their appliances to a supported version to mitigate potential threats.
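The version lists above can be turned into a fleet triage check. The following is an added example, not code from Citrix or from this article; the inventory tuple format, the role labels ("gateway", "aaa", "lb") and the sample hostnames and builds are assumptions made for illustration.

```python
import re

# Fixed builds per release train, copied from the advisory lists above.
# None = no fix for that train (12.1 is end of life, so always affected).
FIXED = {
    ("13.1", ""): (49, 13), ("13.0", ""): (91, 13), ("12.1", ""): None,
    ("13.1", "FIPS"): (37, 159), ("12.1", "FIPS"): (55, 297),
    ("12.1", "NDCPP"): (55, 297),
}
# Configurations the advisory names as required for CVE-2023-3519 exploitation.
# The label strings themselves are an assumption of this example.
EXPOSED_ROLES = {"gateway", "aaa"}
_BUILD = re.compile(r"^(\d+\.\d+)-(\d+)\.(\d+)$")

def assess(build, edition=""):
    """Classify a build such as '13.1-48.47' as affected, fixed or unknown."""
    m = _BUILD.match(build.strip())
    key = (m.group(1), edition.strip().upper()) if m else None
    if key not in FIXED:
        return "unknown"  # unparseable, or a train the lists do not cover
    fixed = FIXED[key]
    if fixed is None:
        return "affected"
    # Compare numerically: as strings, '9.60' would sort above '49.13'.
    have = (int(m.group(2)), int(m.group(3)))
    return "fixed" if have >= fixed else "affected"

def triage(inventory):
    """Group hosts into urgent (affected and Gateway/AAA), patch, review, ok."""
    out = {"urgent": [], "patch": [], "review": [], "ok": []}
    for host, build, edition, roles in inventory:
        status = assess(build, edition)
        if status == "affected":
            bucket = "urgent" if EXPOSED_ROLES & set(roles) else "patch"
        else:
            bucket = "ok" if status == "fixed" else "review"
        out[bucket].append(host)
    return out

# Constructed sample inventory: (hostname, build, edition, roles).
SAMPLE = [
    ("vpn-01", "13.1-48.47", "", ["gateway"]),
    ("lb-01", "13.0-9.60", "", ["lb"]),
    ("lb-02", "13.1-49.13", "", ["lb"]),
    ("aaa-01", "12.1-65.35", "", ["aaa"]),
    ("fips-01", "12.1-55.297", "FIPS", ["gateway"]),
    ("cc-01", "12.1-55.296", "NDcPP", ["lb"]),
    ("old-01", "11.1-65.22", "", ["gateway"]),
]
```

Hosts in the "patch" group still run an affected build; lacking a gateway or AAA role only lowers their priority for CVE-2023-3519, and the same fixed builds also address CVE-2023-3466 and CVE-2023-3467.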
This development comes amid active exploitation of security flaws found in Adobe ColdFusion (CVE-2023-29298 and CVE-2023-38203) and the WooCommerce Payments WordPress plugin (CVE-2023-28121).
Leaving security flaws in WordPress plugins unaddressed opens the door to full compromise, allowing attackers to reuse compromised WordPress sites for other malicious activities.
Last month, eSentire described a campaign named “Nitrogen” in which compromised WordPress sites are used to host malicious ISO image files that, when launched, deploy a malicious DLL file and can connect to remote servers to retrieve additional payloads such as Python scripts and Cobalt Strike.