all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability (CVE-2023-4966)

Add to bookmarks
Nov. 10, 2023, 6:38 p.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

What is the Attack?

According to the blog published by Citrix, CVE-2023-4966 is a buffer overflow vulnerability that can result in unauthorized data disclosure on Citrix NetScaler ADC and NetScaler Gateway products.

These products when configured as a gateway or as an authentication, authorization and auditing (AAA) virtual servers have this particular weakness. The advisory also states that the vulnerability is rated critical, and no workarounds are available. Only an upgrade to the affected products can mitigate the attack.


Why …

adc attack auditing authentication authorization blog buffer buffer overflow buffer overflow vulnerability citrix citrix netscaler citrix netscaler adc cve cve-2023-4966 data disclosure gateway netscaler netscaler adc netscaler gateway overflow products result servers virtual vulnerability what is

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

GitLab Password Reset Vulnerability (CVE-2023-7028) 17 hours ago | fortiguard.fortinet.com
account administrator attacker cisa +23
Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) 1 day, 17 hours ago | fortiguard.fortinet.com
CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040) 2 days, 21 hours ago | fortiguard.fortinet.com
attackers attacks cisa cisa known exploited vulnerabilities +27
ArcaneDoor Attack (CVE-2024-20353 and CVE-2024-20359) 1 week, 1 day ago | fortiguard.fortinet.com
adaptive security advisory april arcanedoor +22
Akira Ransomware Attack (CVE-2023-20269 and CVE-2020-3259) 1 week, 1 day ago | fortiguard.fortinet.com
access advisory akira akira ransomware +17
PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400) 2 weeks, 3 days ago | fortiguard.fortinet.com
advisory attack code code injection +27
XZ Utils Supply Chain Attack (CVE-2024-3094) 4 weeks, 1 day ago | fortiguard.fortinet.com
attack code compression cve +25
Nice Linear eMerge Command Injection Vulnerability (CVE-2019–7256) 1 month ago | fortiguard.fortinet.com
access attacker code code execution +25
Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897) 1 month ago | fortiguard.fortinet.com
access application application developers attackers +31

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Offensive Security Engineer

@ Ivanti | United States, Remote
View on infosec-jobs.com

Senior Security Engineer I

@ Samsara | Remote - US
View on infosec-jobs.com

Senior Principal Information System Security Engineer

@ Chameleon Consulting Group | Herndon, VA
View on infosec-jobs.com

Junior Detections Engineer

@ Kandji | San Francisco
View on infosec-jobs.com

Data Security Engineer/ Architect - Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
View on infosec-jobs.com
View more jobs