Citrix Products Multiple Vulnerabilities

Release Date: 15 Nov 2024 2956 Views

RISK: Medium Risk

Medium Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

Multiple vulnerabilities were identified in Citrix Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege and remote code execution on the targeted system.

 

Note:

Proof of concept exploit for CVE-2024-8068 and CVE-2024-8069 exists on the internet. Attacker needs to be authenticated before exploiting the vulunbilities. Hence, the overall risk is rated as Medium Risk. 

 

Impact

  • Remote Code Execution
  • Elevation of Privilege
  • Denial of Service

System / Technologies affected

  • Citrix Virtual Apps and Desktops before 2407 hotfix 24.5.200.8
  • Citrix Virtual Apps and Desktops 1912 LTSR before CU9 hotfix 19.12.9100.6
  • Citrix Virtual Apps and Desktops 2203 LTSR before CU5 hotfix 22.03.5100.11
  • Citrix Virtual Apps and Desktops 2402 LTSR before CU1 hotfix 24.02.1200.16
  • NetScaler ADC and NetScaler Gateway 14.1 before  14.1-29.72
  • NetScaler ADC and NetScaler Gateway 13.1  before  13.1-55.34
  • NetScaler ADC 13.1-FIPS before  13.1-37.207
  • NetScaler ADC 12.1-FIPS before  12.1-55.321
  • NetScaler ADC 12.1-NDcPP before  12.1-55.321

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Related Link

Related Tags

CitrixRemote Code ExecutionElevation of PrivilegeDenial of ServiceProof of Concept

Share with

Previous

Fortinet Products Multiple Vulnerabilities

15 Nov 2024 3132 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY