all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-4966: Exploitation of Citrix NetScaler Information Disclosure Vulnerability

Add to bookmarks
Oct. 25, 2023, 6:18 p.m. | Rapid7

Rapid7 Blog blog.rapid7.com

On October 10, 2023, Citrix published an advisory on two vulnerabilities affecting NetScaler ADC and NetScaler Gateway. The more critical of these is CVE-2023-4966, a sensitive information disclosure vulnerability that allows an attacker to read large amounts of memory after the end of a buffer.

adc advisory attacker buffer citrix citrix netscaler critical cve disclosure emergent threat response end exploitation gateway information information disclosure information disclosure vulnerability large memory netscaler netscaler adc netscaler gateway october sensitive sensitive information vulnerabilities vulnerability vulnerability risk management

Visit resource

More from blog.rapid7.com / Rapid7 Blog

Metasploit Weekly Wrap-Up 04/26/24 1 day, 20 hours ago | blog.rapid7.com
addition application clusters community +20
USF College of Engineering Presents Rapid7 With 2024 Corporate Impact Award 4 days, 22 hours ago | blog.rapid7.com
april award awards beyond +11
Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise 5 days ago | blog.rapid7.com
access account account access administrator +26
Take Command Summit: Take Breaches from Inevitable to Preventable on May 21 6 days, 2 hours ago | blog.rapid7.com
attack aws breaches command +14
Metasploit Weekly Wrap-Up 04/19/24 1 week, 1 day ago | blog.rapid7.com
crushftp emergent threat response exploit framework +11
Enforce and Report on PCI DSS v4 Compliance with Rapid7 1 week, 4 days ago | blog.rapid7.com
adoption compliance council data +21
Rapid7 Insight Platform Achieves Level 2 TX-Ramp Authorization 1 week, 4 days ago | blog.rapid7.com
authorization authorization management cloud cloud security +17
Start with threat modelling and let gamers game 2 weeks, 1 day ago | blog.rapid7.com
availability cloud demand game +20
Metasploit Weekly Wrap-Up 04/12/24 2 weeks, 1 day ago | blog.rapid7.com
account account takeover active directory authentication +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Network Security Engineer

@ Meta | Menlo Park, CA | Remote, US
View on infosec-jobs.com

Security Engineer, Investigations - i3

@ Meta | Washington, DC
View on infosec-jobs.com

Threat Investigator- Security Analyst

@ Meta | Menlo Park, CA | Seattle, WA | Washington, DC
View on infosec-jobs.com

Security Operations Engineer II

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Engineering -- Tech Risk -- Global Cyber Defense & Intelligence -- Bug Bounty -- Associate -- Dallas

@ Goldman Sachs | Dallas, Texas, United States
View on infosec-jobs.com
View more jobs