Summary
Three new security vulnerabilities, including one with a severity of “high”, have been discovered in the NetScaler Console and NetScaler Agent products. This vulnerability could allow a malicious user to elevate their privileges on the target instances.
Risk
Vulnerability impact estimate on the reference community: Medium (63.58)
Type
- Privilege Escalation
Affected products and versions
- NetScaler Console 14.1, versions prior to 14.1-38.53
- NetScaler Console 13.1, versions prior to 13.1-56.18
- NetScaler Agent 14.1, versions prior to 14.1-38.53
- NetScaler Agent 13.1, versions prior to 13.1-56.18
Mitigation actions
In line with the vendor's statements, it is recommended to update the affected products by following the instructions available at the links reported in the References section.
Below are the CVEs related to the vulnerabilities with a severity of “high”:
References
https://support.citrix.com/s/topic/0TO4z0000001GYdGAM/security-bulletin?language=en_US
1 This estimate takes into account several parameters, including CVSS, the availability of patches/workarounds and PoC, and the diffusion of the affected software/devices in the reference community.