CVE-2023-3467

Name of the Vulnerable Software and Affected Versions Citrix NetScaler Application Delivery Controller versions prior to 12.1-55.297 Citrix NetScaler Application Delivery Controller versions prior to 13.0-91.13 Citrix NetScaler Application Delivery Controller versions prior to 13.1-37.159 Citrix NetScaler Application Delivery Controller versions prior to 13.1-49.13 Citrix NetScaler Application Delivery Controller version 11.1-65.22

Description The issue is related to insecure privilege management in Citrix ADC (formerly Citrix NetScaler Application Delivery Controller) and Citrix Gateway (formerly Citrix NetScaler Gateway). This allows a remote attacker to escalate their privileges.

Recommendations For Citrix NetScaler Application Delivery Controller versions prior to 12.1-55.297, update to a version that includes the fix for this issue. For Citrix NetScaler Application Delivery Controller versions prior to 13.0-91.13, update to a version that includes the fix for this issue. For Citrix NetScaler Application Delivery Controller versions prior to 13.1-37.159, update to a version that includes the fix for this issue. For Citrix NetScaler Application Delivery Controller versions prior to 13.1-49.13, update to a version that includes the fix for this issue. For Citrix NetScaler Application Delivery Controller version 11.1-65.22, update to a version that includes the fix for this issue.