March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – Multiple Microsoft Office Vulnerabilities
October 11, 2023Rewterz Threat Alert – Lumma Stealer Malware aka LummaC – Active IOCs
October 11, 2023Rewterz Threat Advisory – Multiple Microsoft Office Vulnerabilities
October 11, 2023Rewterz Threat Alert – Lumma Stealer Malware aka LummaC – Active IOCs
October 11, 2023
Severity
High
Analysis Summary
CVE-2023-4966 CVSS:9.4
Citrix NetScaler ADC and NetScaler Gateway could allow a remote attacker to obtain sensitive information. If configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server, an attacker could exploit this vulnerability to obtain sensitive information.
CVE-2023-4967 CVSS:8.2
Citrix NetScaler ADC and NetScaler Gateway are vulnerable to a denial of service. If configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server, an attacker could exploit this vulnerability to cause a denial of service.
Impact
- Information Disclosure
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2023-4966
- CVE-2023-4967
Affected Vendors
Citrix
Affected Products
- Citrix NetScaler ADC 14.1
- Citrix NetScaler Gateway 13.1
- Citrix NetScaler Gateway 13.0
- Citrix NetScaler ADC 13.0
- Citrix NetScaler ADC 13.1
- Citrix NetScaler ADC 13.1-FIPS
- Citrix NetScaler ADC 12.1-NDcPP
- Citrix NetScaler ADC 12.1-FIPS
Remediation
Refer to Citrix Security Advisory for patch, upgrade or suggested workaround information.