CVE-2023-24487, CVE-2023-24488 : Multiple vulnerabilities in Citrix ADC and Citrix Gateway Security

Source : Internet

Severity Rating: MEDIUM 

Software Version Affected :
            Citrix ADC and Citrix Gateway 13.1 before 13.1-45.61
            Citrix ADC and Citrix Gateway 13.0 before 13.0-90.11
            Citrix ADC and Citrix Gateway 12.1 before 12.1-65.35
            Citrix ADC 12.1-FIPS before 12.1-55.296
            Citrix ADC 12.1-NDcPP before 12.1-55.296

Description : CVE-2023-24487: Addressing the Arbitrary File Read Vulnerability in Citrix Products Citrix products have been identified as vulnerable to an arbitrary file read vulnerability, tracked as CVE-2023-24487. This vulnerability is attributed to an incorrect check of function return value within the affected products. Exploitation of this vulnerability can allow an attacker to gain unauthorized access to the NSIP (NetScaler IP) or SNIP (Subnet IP) with management interface access. To successfully exploit this vulnerability, an attacker would need to send a specially crafted request to the targeted system. By doing so, they can gain access to the NSIP or SNIP, potentially executing arbitrary code and compromising the security of the affected system.

CVE-2023-24488: Resolving the Cross-Site Scripting Vulnerability in Citrix Products Citrix products have also been found vulnerable to a cross-site scripting (XSS) vulnerability, identified as CVE-2023-24488. The root cause of this vulnerability is improper input validation within the affected Citrix products. Exploitation of this vulnerability involves the creation of a crafted malicious link that, when clicked, redirects to an arbitrary location.  To protect against this vulnerability, organizations utilizing Citrix products should prioritize applying any available patches or security updates provided by Citrix. By doing so, they can address the underlying flaw and mitigate the risk of exploitation.

Impact : CVE-2023-24487 – The impact of this vulnerability can be significant, as unauthorized access to critical systems can lead to further compromise, data theft, or disruption of operations. It is crucial for organizations using Citrix products to take immediate action to mitigate the risks associated with this vulnerability.Citrix, as the vendor, is likely to release patches or security updates to address this vulnerability. Organizations should promptly apply these updates as soon as they become available. In addition to patching, implementing other security measures such as network segmentation, access controls, and intrusion detection systems can help mitigate the risk of exploitation.  Successful exploitation of CVE-2023-24488 can enable a remote attacker to execute arbitrary code and launch cross-site scripting attacks against the targeted system. This type of attack allows the attacker to inject and execute malicious scripts within the context of a user’s web browser, potentially leading to unauthorized access, data theft, or other malicious activities.   

Mitigation :        

Disclaimer : The information provided herein is on “as is” basis, without warranty of any kind.