Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
Published: 2023-12-06
Patching CitrixBleed isn’t enough; organizations need to invalidate active or persistent session tokens, as these tokens can be used to compromise networks and bypass authentication measures, including multifactor authentication.
Published: 2023-11-20
Frequently asked questions relating to a critical vulnerability in Citrix NetScaler that has been under active exploitation for over a month, including by ransomware groups.
Published: 2023-10-18
A critical information disclosure vulnerability in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway has been exploited in the wild as a zero-day vulnerability. Organizations are urged to patch immediately.
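The first blog summary above says patching alone is not enough and that active and persistent sessions must be invalidated. The script below is an added example, not Tenable's or Citrix's own code: it runs the five NetScaler CLI commands that Citrix and CISA AA23-325a (referenced on this page) recommend for purging every session type (ICA, RDP, PCoIP, AAA and load-balancer persistence) so tokens leaked before the patch cannot be replayed. The SSH user `nsroot`, the `NS_IP` variable and the pluggable runner argument are assumptions; passing `echo` as the runner lets you review the command list without touching an appliance.

```shell
#!/bin/sh
# Added example, not code from the page, Tenable or Citrix.
# Purges NetScaler sessions after patching CVE-2023-4966 (CitrixBleed).
# Assumptions: the appliance is reachable over SSH as nsroot at $NS_IP
# (both hypothetical), and a runner name may be passed for dry runs.

# The session-invalidation commands recommended by Citrix / CISA AA23-325a.
# One per line so they can be logged, reviewed, or executed in order.
citrixbleed_purge_commands() {
  cat <<'EOF'
kill icaconnection -all
kill rdp connection -all
kill pcoipConnection -all
kill aaa session -all
clear lb persistentSessions
EOF
}

# Default runner: execute a single NetScaler CLI command over SSH.
# BatchMode keeps a missing key or password prompt from hanging the script.
ns_ssh() {
  ssh -o BatchMode=yes "nsroot@${NS_IP:?set NS_IP to the appliance NSIP}" "$1"
}

# Run every purge command through the chosen runner (default: ns_ssh).
# Stops at the first failure and returns non-zero so a partial purge is
# visible rather than silently reported as success.
citrixbleed_purge_sessions() {
  runner="${1:-ns_ssh}"
  citrixbleed_purge_commands | while IFS= read -r cmd; do
    "$runner" "$cmd" || { echo "failed: $cmd" >&2; exit 1; }
  done
}

# Dry run: print the commands that would be sent.
citrixbleed_purge_sessions echo

# Real run only when an appliance address was supplied.
if [ -n "${NS_IP:-}" ]; then
  citrixbleed_purge_sessions
fi
```

Run the purge on each appliance that terminated user sessions before the patch was applied; a dry run with `echo` shows the exact command sequence, and any non-zero exit from the real run means at least one session type was not cleared and must be retried by hand.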
http://packetstormsecurity.com/files/175323/Citrix-Bleed-Session-Token-Leakage-Proof-Of-Concept.html
https://thehackernews.com/2025/04/critical-ivanti-flaw-actively-exploited.html
https://news.sophos.com/en-us/2025/04/02/2025-sophos-active-adversary-report/
https://www.ic3.gov/Media/News/2024/241010.pdf
https://services.google.com/fh/files/misc/m-trends-2024.pdf
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/ransomware-attacks-exploits
https://www.secureworks.com/blog/lockbit-in-action
https://blog.talosintelligence.com/talos-ir-quarterly-report-q4-2023/
https://therecord.media/hhs-warns-of-citrix-bleed-bug
https://cyberplace.social/@GossiTheDog/111502145876827515
https://cybernews.com/news/yanfeng-ransomware-attack-claimed-qilin/
https://isc.sans.edu/diary/rss/30498
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-325a
https://cyberplace.social/@GossiTheDog/111408758925049114
https://www.theregister.com/2023/10/31/mass_exploitation_citrix_bleed/
https://www.mandiant.com/resources/blog/session-hijacking-citrix-cve-2023-4966
Published: 2023-10-10
Updated: 2025-03-13
Named Vulnerability: CitrixBleed
Named Vulnerability: Citrix Bleed
Known Exploited Vulnerability (KEV)
CVSS v2.0
Base Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N
Severity: High
CVSS v3.0
Base Score: 7.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: High
EPSS: 0.94378
Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.
Vulnerability of Concern