Privilege Escalation Vulnerability in Citrix ADC and Citrix Gateway
CVE-2023-3467

8HIGH

Key Information:

Vendor: Citrix
Status: Netscaler Adc; Netscaler Gateway
Vendor: CVE Published:; 19 July 2023

Summary

A privilege escalation vulnerability exists in Citrix ADC and Citrix Gateway, allowing an attacker to gain root administrator access (nsroot). This security flaw can be exploited to manipulate system settings and breach sensitive data, thereby amplifying the risks associated with unauthorized access. Immediate assessment and remediation are essential to safeguard affected systems.

Affected Version(s)

NetScaler ADC  13.1 < 49.13

NetScaler ADC  13.0 < 91.13

NetScaler ADC  13.1-FIPS < 37.159

References

https://support.citrix.com/article/CTX561482/citrix-adc-a...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 19, 2023
Vulnerability Reserved
Jun 29, 2023