CVE-2023-4966 (CitrixBleed): Invalidate Active or Persistent Sessions To Prevent Further Compromise
Cyber Exposure Alerts www.tenable.com
Patching CitrixBleed isn't enough; organizations also need to invalidate active or persistent session tokens, because these tokens can be used to bypass authentication even with multifactor authentication enabled.
Background
On October 10, Citrix published its advisory (CTX579459) for CVE-2023-4966, a critical vulnerability in its NetScaler Application Delivery Controller (ADC) and Gateway devices that is referred to as CitrixBleed. Tenable Research has published two blogs on CitrixBleed, our initial analysis of the vulnerability as well as a Frequently Asked Questions …