www.esentire.com
104.20.163.46
Public Scan
Submitted URL: http://safelinks.protection.outlook.com/?url=https%3A%2F%2Fmdr.esentire.com%2Fe%2F651833%2Ft-utm-campaign-cs-notification%2F2pzfts%2F994...
Effective URL: https://www.esentire.com/security-advisories/netscaler-adc-and-gateway-zero-day-vulnerability?utm_medium=email&utm_source...
Submission: On August 03 via api from US — Scanned from GB
Form analysis
1 forms found in the DOM
Name: resource-form — POST https://mdr.esentire.com/l/651833/2022-05-16/n78r9?success_location=https%3A%2F%2Fwww.esentire.com%2Fsecurity-advisories%2Fnetscaler-adc-and-gateway-zero-day-vulnerability%3FFooterOptinForm%3DSuccess
<form id="pardot-form-footer" data-form-type="formSubmit"
action="https://mdr.esentire.com/l/651833/2022-05-16/n78r9?success_location=https%3A%2F%2Fwww.esentire.com%2Fsecurity-advisories%2Fnetscaler-adc-and-gateway-zero-day-vulnerability%3FFooterOptinForm%3DSuccess" method="post"
enctype="application/x-www-form-urlencoded" name="resource-form" data-zi-mapped-form="">
<div class="Footer__FormTop">
<h3 class="Footer__FormHeading">Join 100,000+ <br>Security Leaders</h3>
<p class="Footer__FormCopy">Get notified of the latest news, intel and helpful tools & assets. You can unsubscribe anytime.</p>
<div class="Footer__Field">
<div class="Footer__InputGroup">
<input type="text" name="email" class="Footer__InputGroup__Input" id="footer-form_field_email" placeholder="Business Email" required="">
<div class="Footer__InputGroup__RequiredMarker"></div>
</div>
</div>
<div class="Footer__Field">
<div class="Footer__InputGroup">
<input type="text" name="first-name" class="Footer__InputGroup__Input" id="footer-form_field_firstname" placeholder="First Name" required="">
<div class="Footer__InputGroup__RequiredMarker"></div>
</div>
</div>
<div class="Footer__Field">
<div class="Footer__InputGroup">
<input type="text" name="last-name" class="Footer__InputGroup__Input" id="footer-form_field_lastname" placeholder="Last Name" required="">
<div class="Footer__InputGroup__RequiredMarker"></div>
</div>
</div>
<div class="Footer__Field">
<div class="Footer__InputGroup">
<input type="text" name="company" class="Footer__InputGroup__Input" id="footer-form_field_company" placeholder="Company" required="">
<div class="Footer__InputGroup__RequiredMarker"></div>
</div>
</div>
<div class="ContactForm__ExtraFields">
<input type="hidden" name="fCampaign" id="footer-pardot-form_utm-campaign" required="required" aria-required="true" maxlength="50" placeholder="UTM Campaign">
<input type="hidden" name="fSource" id="footer-pardot-form_utm-source" required="required" aria-required="true" maxlength="50" placeholder="UTM Source">
<input type="hidden" name="fMedium" id="footer-pardot-form_utm-medium" required="required" aria-required="true" maxlength="50" placeholder="UTM Medium">
<input title="ZI Job Function" type="text" id="footer-pardot-form_zi-job-function" name="zi-job-function">
<input title="ZI Management Level" type="text" id="footer-pardot-form_zi-management-level" name="zi-management-level">
<input title="ZI Contact ID" type="text" id="footer-pardot-form_zi-contact-id" name="zi-contact-id">
<input title="ZI Website" type="text" id="footer-pardot-form_zi-company-website" name="zi-company-website">
<input title="ZI Annual Revenue" type="text" id="footer-pardot-form_zi-company-revenue" name="zi-company-revenue">
<input title="ZI Employees" type="text" id="footer-pardot-form_zi-company-employees" name="zi-company-employees">
<input title="ZI Address One" type="text" id="footer-pardot-form_zi-company-street" name="zi-company-street">
<input title="ZI City" type="text" id="footer-pardot-form_zi-company-city" name="zi-company-city">
<input title="ZI State" type="text" id="footer-pardot-form_zi-company-state" name="zi-company-state">
<input title="ZI Zip" type="text" id="footer-pardot-form_zi-company-zip-code" name="zi-company-zip-code">
<input title="ZI Industry" type="text" id="footer-pardot-form_zi-primary-industry" name="zi-primary-industry">
<input title="ZI isCalifornia" type="text" id="footer-pardot-form_zi-isCalifornia" name="zi-isCalifornia">
<input title="ZI isEU" type="text" id="footer-pardot-form_zi-isEU" name="zi-isEU">
<input title="ZI Looks Like EU" type="text" id="footer-pardot-form_zi-looks-like-EU" name="zi-looks-like-EU">
<input title="ZI Looks like Canada" type="text" id="footer-pardot-form_zi-looks-like-Canada" name="zi-looks-like-Canada">
<input title="ZI Free Email" type="text" id="footer-pardot-form_zi-free-email" name="zi-free-email">
<input title="ZI Generic Email" type="text" id="footer-pardot-form_zi-generic-email" name="zi-generic-email">
<input title="ZI Malformed Email" type="text" id="footer-pardot-form_zi-malformed-email" name="zi-zi-malformed-email">
<input title="ZI ZoomInfo Company ID" type="text" id="footer-pardot-form_zi-company-id" name="zi-company-id">
</div>
<div class="Footer__Recaptcha">
<div id="google-recaptcha-alert"></div>
<div class="g-recaptcha" data-sitekey="6LcwreMUAAAAAGA3U5UvksDxCm2nTKLh2SwF81oU">
<div style="width: 304px; height: 78px;">
<div><iframe title="reCAPTCHA"
src="https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwreMUAAAAAGA3U5UvksDxCm2nTKLh2SwF81oU&co=aHR0cHM6Ly93d3cuZXNlbnRpcmUuY29tOjQ0Mw..&hl=en&v=pCoGBhjs9s8EhFOHJFe8cqis&size=normal&cb=pse99im2rwfn"
width="304" height="78" role="presentation" name="a-cef4eelhk2" frameborder="0" scrolling="no" sandbox="allow-forms allow-popups allow-same-origin allow-scripts allow-top-navigation allow-modals allow-popups-to-escape-sandbox"></iframe>
</div><textarea id="g-recaptcha-response" name="g-recaptcha-response" class="g-recaptcha-response"
style="width: 250px; height: 40px; border: 1px solid rgb(193, 193, 193); margin: 10px 25px; padding: 0px; resize: none; display: none;"></textarea>
</div><iframe style="display: none;"></iframe>
</div>
</div>
<p class="Footer__Disclaimer">By clicking the button below I confirm that I have read and agree to the eSentire <a href="/legal/privacy-policy">privacy policy</a>.</p>
<input type="submit" class="Footer__FormButton" value="Submit">
</div>
</form>
Text Content
SECURITY ADVISORIES

NETSCALER ADC AND GATEWAY ZERO-DAY VULNERABILITY

July 18, 2023 | 1 MIN READ

THE THREAT

On July 18, 2023, Citrix disclosed three vulnerabilities impacting NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway), one of which is confirmed to be exploited in the wild prior to the release of security patches. The zero-day vulnerability, tracked as CVE-2023-3519 (CVSS: 9.8), may be exploited by a remote and unauthenticated threat actor to achieve code execution.

Citrix has not released any details relating to the current exploitation activity targeting NetScaler ADC and Gateway. As exploitation has been confirmed in the wild, eSentire strongly encourages organizations using Citrix products to update to the most current version as soon as possible.

WHAT WE'RE DOING ABOUT IT

* eSentire Managed Vulnerability Service (MVS) will add the relevant plugins as they become available
* The eSentire Threat Intelligence team is actively tracking this topic for additional details and detection opportunities

WHAT YOU SHOULD DO ABOUT IT

* After performing a business impact review, apply the relevant security patches
* CVE-2023-3519 should be prioritized for immediate patching as exploitation has been confirmed
* Alternative mitigations are not available at this time

ADDITIONAL INFORMATION

While details surrounding CVE-2023-3519 are still minimal, it should be noted that, for successful exploitation of the vulnerability, a vulnerable device must be configured as a Gateway or AAA virtual server. Citrix servers are not configured as Gateways or AAA virtual servers by default. The eSentire Threat Intelligence team will continue to track this vulnerability going forward.

The two other vulnerabilities disclosed by Citrix in this release are rated as high severity but have not been exploited in real-world attacks at this time.

* CVE-2023-3466 (CVSS: 8.3) - Reflected Cross-Site Scripting
* CVE-2023-2467 (CVSS: 8.0) - Privilege Escalation to root administrator (nsroot)

Impacted Citrix Products:

* NetScaler ADC and NetScaler Gateway 13.1 before 13.1-49.13
* NetScaler ADC and NetScaler Gateway 13.0 before 13.0-91.13
* NetScaler ADC 13.1-FIPS before 13.1-37.159
* NetScaler ADC 12.1-FIPS before 12.1-65.36
* NetScaler ADC 12.1-NDcPP before 12.65.36

NetScaler Gateway and NetScaler ADC version 12.1 is out of support and will not receive any additional updates. Organizations using version 12.1 are strongly recommended to update to a supported version as soon as possible.

References:

[1] https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467