Description

Acunetix determined that it was possible to leak the Citrix NetScaler's memory.

Remediation

Upgrade to the latest version of Citrix NetScaler

References

NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-4966 and CVE-2023-4967

Citrix Bleed: Leaking Session Tokens with CVE-2023-4966

Related Vulnerabilities

Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2020-8185)

WordPress Plugin Knews Multilingual Newsletters 'ff' Parameter Cross-Site Scripting (1.1.0)

WordPress Plugin Sucuri Security-Auditing, Malware Scanner and Security Hardening Cross-Site Scripting (1.7.15)

WordPress Plugin CSV Import Cross-Site Scripting (1.0)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-28331)

Severity

Critical

Classification

CVE-2023-4966 CWE-119 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Tags

Information Disclosure Missing Update Known Vulnerabilities