Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability

Added Jan. 17, 2024 • Due Feb. 7, 2024 • CVE-2023-6549

Overdue Citrix / NetScaler ADC and NetScaler Gateway CWE-119

Description

Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for a denial-of-service when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

Required Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

References

https://support.citrix.com/article/CTX584986/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20236548-and-cve20236549
https://nvd.nist.gov/vuln/detail/CVE-2023-6549

Additional Information

Catalog Version: 2025.01.24
Catalog Released: Jan. 24, 2025
Days Until Due: 0 days
Last Updated: 5 months ago