Cisco NetScaler ADC and NetScaler Gateway have been discovered to have two vulnerabilities, which were associated with remote code execution and denial of service.
The CVEs for these vulnerabilities were CVE-2023-6548 and CVE-2023-6549, and the severity has been given as 5.5 (Medium) and 8.2 (High).
In addition, these vulnerabilities were added to CISA’s known exploited vulnerabilities catalog, as there were reports of these two vulnerabilities being exploited in the wild by threat actors. CISA urges users to patch these vulnerabilities accordingly.
Compounding the problem are zero-day vulnerabilities like the MOVEit SQLi, Zimbra XSS, and 300+ such vulnerabilities that get discovered each month. Delays in fixing these vulnerabilities lead to compliance issues, these delay can be minimized with a unique feature on AppTrana that helps you to get “Zero vulnerability report” within 72 hours.
Vulnerability Analysis
CVE-2023-6548 is related to “Code Injection,” which allows an attacker to perform unauthenticated remote code execution on the Management interface of affected devices. Prerequisites for exploiting this vulnerability include access to NSIP, CLIP, or SNIP with a management interface.
CVE-2023-6549 was associated with denial of service vulnerability that can allow a threat actor to initial a denial of service condition, leading to the unusability of the device. To exploit this vulnerability, the appliance must be configured as a Gateway (VPN virtual server, ICA, Proxy, CVPN, RDP Proxy) or AAA virtual server.
As per reports, there were 1500 “exposed” NetScaler Management interfaces, most located in the United States. In addition, the flaws only affect customer-managed NetScaler appliances and not Citrix-managed cloud services and Adaptive Authentications.
Affected Products & Fixed in Version
Affected Devices | Fixed in version |
NetScaler ADC and NetScaler Gateway 14.1 before 14.1-12.35 | NetScaler ADC and NetScaler Gateway 14.1-12.35 and later releases |
NetScaler ADC and NetScaler Gateway 13.1 before 13.1-51.15 | NetScaler ADC and NetScaler Gateway 13.1-51.15 and later releases of 13.1 |
NetScaler ADC and NetScaler Gateway 13.0 before 13.0-92.21 | NetScaler ADC and NetScaler Gateway 13.0-92.21 and later releases of 13.0 |
NetScaler ADC 13.1-FIPS before 13.1-37.176 | NetScaler ADC 13.1-FIPS 13.1-37.176 and later releases of 13.1-FIPS |
NetScaler ADC 12.1-FIPS before 12.1-55.302 | NetScaler ADC 12.1-FIPS 12.1-55.302 and later releases of 12.1-FIPS |
NetScaler ADC 12.1-NDcPP before 12.1-55.302 | NetScaler ADC 12.1-NDcPP 12.1-55.302 and later releases of 12.1-NDcPP |
Furthermore, Citrix also stated that NetScaler ADC and NetScaler Gateway version 12.1 have reached End Of Life (EOL) and are vulnerable. For additional information, Citrix has released a security advisory that provides details about the mitigation, affected versions, and other information.
Users of these devices are advised to upgrade to the latest versions to prevent these vulnerabilities from getting exploited by threat actors.
Try Kelltron’s cost-effective penetration testing services to evaluate digital systems security. Free demo available.