CVE-2023-4966Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability

PUBLISHEDvulnerability record
2023-10-18 · last modified June 21, 2025

Metadata

CVE ID:
CVE-2023-4966
项目:
Citrix
产品:
NetScaler ADC and NetScaler Gateway
添加日期:
2023-10-18
到期日:
2023-11-08
最后更新:
June 21, 2025

漏洞名称

Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability

描述

Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

已知用于勒索软件活动吗?

勒索软件状态:
KNOWN

采集行动

Apply mitigations and kill all active and persistent sessions per vendor instructions [https://www.netscaler.com/blog/news/cve-2023-4966-critical-security-update-now-available-for-netscaler-adc-and-netscaler-gateway/] OR discontinue use of the product if mitigations are unavailable.

其他说明

相关新闻文章

相关 CWE