CVE-2023-4966

high

Description

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

References

https://services.google.com/fh/files/misc/m-trends-2024.pdf

https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/ransomware-attacks-exploits

https://www.secureworks.com/blog/lockbit-in-action

https://blog.talosintelligence.com/talos-ir-quarterly-report-q4-2023/

https://www.tenable.com/blog/cve-2023-6548-cve-2023-6549-zero-day-vulnerabilities-netscaler-adc-gateway-exploited

https://isc.sans.edu/diary/rss/30498

https://www.tenable.com/blog/cve-2023-4966-citrixbleed-invalidate-sessions-to-prevent-compromise

https://therecord.media/hhs-warns-of-citrix-bleed-bug

https://cyberplace.social/@GossiTheDog/111502145876827515

https://cybernews.com/news/yanfeng-ransomware-attack-claimed-qilin/

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-325a

https://www.bleepingcomputer.com/news/security/lockbit-ransomware-exploits-citrix-bleed-in-attacks-10k-servers-exposed/

https://cyberplace.social/@GossiTheDog/111408758925049114

https://www.theregister.com/2023/10/31/mass_exploitation_citrix_bleed/

https://www.mandiant.com/resources/blog/session-hijacking-citrix-cve-2023-4966

https://www.tenable.com/blog/cve-2023-4966-citrix-netscaler-adc-and-netscaler-gateway-information-disclosure-exploited-in

https://www.bleepingcomputer.com/news/security/recently-patched-citrix-netscaler-bug-exploited-as-zero-day-since-august/

https://support.citrix.com/article/CTX579459

http://packetstormsecurity.com/files/175323/Citrix-Bleed-Session-Token-Leakage-Proof-Of-Concept.html

Details

Source: Mitre, NVD

Published: 2023-10-10

Updated: 2024-08-02

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N