All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2023-4966
NONEKEVpublish date unavailable
CVSS / 10
// description
Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
// required action (CISA KEV)
Apply mitigations and kill all active and persistent sessions per vendor instructions [https://www.netscaler.com/blog/news/cve-2023-4966-critical-security-update-now-available-for-netscaler-adc-and-netscaler-gateway/] OR discontinue use of the product if mitigations are unavailable.
added 2023-10-18 00:00 UTC