PT-2023-3753 · Citrix · Citrix Netscaler Gateway+3

Published

2023-05-09

Updated

2026-03-10

CVE-2023-24487

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Citrix ADC and Citrix Gateway (affected versions not specified)

Description The issue is related to an arbitrary file read in Citrix ADC and Citrix Gateway, previously known as Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway, respectively. It is caused by incorrect checking of the return value of a function. Exploitation of this issue may allow an attacker to disclose protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-253

Related Identifiers

BDU:2023-04042

CVE-2023-24487

Affected Products

Citrix Adc

Citrix Gateway

Citrix Netscaler Application Delivery Controller

Citrix Netscaler Gateway

PT-2023-3753 · Citrix · Citrix Netscaler Gateway+3

CVE-2023-24487

Weakness Enumeration

Related Identifiers

Affected Products

References · 5