Mass exploitation of CitrixBleed vulnerability - 20231102002

Overview

CitrixBleed CVE-2023-4966 in Citrix NetScaler ADC and NetScaler Gateway is now under mass exploitation.

What is the vulnerability?

CVE-2023-4966 - CVSS v3 Base Score: 9.4

What is vulnerable?

The vulnerability affects the following products:

NetScaler ADC and NetScaler Gateway

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe (refer Patch Management):

• NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-4966 and CVE-2023-4967

Additional References

• Citrix Releases Security Updates for Multiple Products - 20231012003