CVE-2015-2838

Name of the Vulnerable Software and Affected Versions Citrix NetScaler versions prior to 10.5 build 52.3nc

Description A cross-site request forgery (CSRF) issue exists, allowing remote attackers to hijack administrator authentication for requests that execute arbitrary commands as nsroot. This is achieved via shell metacharacters in the file name JSON member in params/xen hotfix/0 to "nitro/v1/config/xen hotfix" API endpoint.

Recommendations For versions prior to 10.5 build 52.3nc, update to build 52.3nc or later to resolve the issue. As a temporary workaround, consider restricting access to the "nitro/v1/config/xen hotfix" API endpoint to minimize the risk of exploitation. Avoid using the file name JSON member in the affected API endpoint until the issue is resolved.