Citrix Products Multiple Vulnerabilities
Release Date:
15 Jul 2024
388
Views
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in Citrix Products. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, elevation of privilege, denial of service condition and remote code execution on the targeted system.
Impact
- Remote Code Execution
- Denial of Service
- Information Disclosure
- Elevation of Privilege
System / Technologies affected
- NetScaler Console 14.1 before 14.1-25.56
- NetScaler Console 13.1 before 13.1-53.24
- NetScaler Console 13.0 before 13.0-92.31
- NetScaler SDX (SVM) 14.1 before 14.1-25.53
- NetScaler SDX (SVM) 13.1 before 13.1-53.17
- NetScaler SDX (SVM) 13.0 before 13.0-92.31
- NetScaler Agent 14.1 before 14.1-25.53
- NetScaler Agent 13.1 before 13.1-53.22
- NetScaler Agent 13.0 before 13.0-92.31
- NetScaler ADC and NetScaler Gateway 14.1 before 14.1-25.56
- NetScaler ADC and NetScaler Gateway 13.1 before 13.1-53.24
- NetScaler ADC and NetScaler Gateway 13.0 before 13.0-92.31
- NetScaler ADC 13.1-FIPS before 13.1-37.190
- NetScaler ADC 12.1-FIPS before 12.1-55.309
- NetScaler ADC 12.1-NDcPP before 12.1-55.309
- Citrix Virtual Apps and Desktops versions before 2402
- Citrix Virtual Apps and Desktops 1912 LTSR before CU9
- Citrix Virtual Apps and Desktops 2203 LTSR before CU5
Note: NetScaler ADC and NetScaler Gateway version 12.1 is now End Of Life (EOL) and is vulnerable.
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://support.citrix.com/article/CTX677998/netscaler-console-agent-and-sdx-svm-security-bulletin-for-cve20246235-and-cve20246236
- https://support.citrix.com/article/CTX677944/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20245491-and-cve20245492
- https://support.citrix.com/article/CTX678035/windows-virtual-delivery-agent-for-cvad-and-citrix-daas-security-bulletin-cve20246151
- https://support.citrix.com/article/CTX678072/cloud-software-group-security-advisory-for-cve20246387
Vulnerability Identifier
Source
Related Link
- https://support.citrix.com/article/CTX677998/netscaler-console-agent-and-sdx-svm-security-bulletin-for-cve20246235-and-cve20246236
- https://support.citrix.com/article/CTX677944/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20245491-and-cve20245492
- https://support.citrix.com/article/CTX678035/windows-virtual-delivery-agent-for-cvad-and-citrix-daas-security-bulletin-cve20246151
- https://support.citrix.com/article/CTX678072/cloud-software-group-security-advisory-for-cve20246387
Related Tags
Share with