Jdoe

Researcher from Acme Security Corp
#22459 of 53,624
10 Total CVSS
Vulnerabilities · 1
PT-2025-25651
10
2025-06-17
Citrix · Citrix Netscaler Gateway · CVE-2025-5777
**Name of the Vulnerable Software and Affected Versions**

- Citrix NetScaler ADC versions prior to 14.1-43.56
- Citrix NetScaler ADC versions prior to 13.1-58.32
- Citrix NetScaler Gateway versions prior to 14.1-43.56
- Citrix NetScaler Gateway versions prior to 13.1-58.32

**Description**

An insufficient input validation issue leads to a memory overread (out-of-bounds read) when the system is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or an AAA virtual server. This memory leak occurs during the parsing of specific POST requests. Specifically, an unauthenticated remote attacker can send a specially crafted POST request to the `/p/u/doAuthentication.do` endpoint where the `login` parameter is provided without an equals sign or a value. The server then responds with a fragment of uninitialized process memory within the `<InitialValue>` XML element. Each request can leak approximately 127 bytes, allowing for the gradual extraction of sensitive data from memory, which impacts the confidentiality, integrity, and availability of protected information.

**Recommendations**

- Update Citrix NetScaler ADC and Gateway to version 14.1-43.56 or later.
- Update Citrix NetScaler ADC and Gateway to version 13.1-58.32 or later.
- As a temporary mitigation, implement a WAF rule to block POST requests to the `/p/u/doAuthentication.do` URI that contain a body consisting only of the `login` parameter (regardless of case) without a value.
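
The temporary WAF rule from the recommendations, sketched as a Python request filter. This is an added example, not Citrix's or the advisory's own code; the function names are hypothetical, the sample requests are constructed, and treating `login=` (empty value) the same as a bare `login`, and matching the path case-insensitively, are assumptions made here to read "without a value" conservatively.

```python
from urllib.parse import unquote_plus

# Endpoint named in the advisory.
AUTH_PATH = "/p/u/doAuthentication.do"


def split_params(body: str):
    """Split a form body into (name, value, had_equals) triples.

    Done by hand because urllib.parse.parse_qsl drops valueless fields by
    default, and a valueless field is exactly what this rule must see.
    """
    params = []
    for field in body.strip().split("&"):
        if not field:
            continue  # tolerate stray or trailing '&'
        name, sep, value = field.partition("=")
        # Decode before comparing so a percent-encoded name is normalised.
        params.append((unquote_plus(name).strip().lower(), unquote_plus(value), bool(sep)))
    return params


def should_block(method: str, path: str, body: str) -> bool:
    """True when the request matches the advisory's temporary WAF rule."""
    if method.upper() != "POST":
        return False
    # Compare the path only: drop any query string and trailing slash.
    # Case-insensitive path match is an assumption (errs toward blocking).
    if path.split("?", 1)[0].rstrip("/").lower() != AUTH_PATH.lower():
        return False
    params = split_params(body)
    # Body consists only of `login`, in any letter case, with no value.
    return len(params) == 1 and params[0][0] == "login" and params[0][1] == ""


# Constructed sample requests (method, path, body); not captured traffic.
SAMPLES = [
    ("POST", "/p/u/doAuthentication.do", "login"),
    ("POST", "/p/u/doAuthentication.do", "LOGIN="),
    ("POST", "/p/u/doAuthentication.do", "login=alice&field2=x"),
    ("GET", "/p/u/doAuthentication.do", ""),
    ("POST", "/vpn/index.html", "login"),
]

if __name__ == "__main__":
    for method, path, body in SAMPLES:
        verdict = "BLOCK" if should_block(method, path, body) else "allow"
        print(f"{method} {path} body={body!r} -> {verdict}")
```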