PT-2024-5023 · Citrix · Citrix NetScaler Console

Published: 2024-07-09 · Updated: 2025-06-21 · CVE-2024-6235

CVSS v4.0: 9.4 (Critical)

Vector: AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Name of the Vulnerable Software and Affected Versions: Citrix NetScaler Console (affected versions not specified)

Description: The issue is related to sensitive information disclosure in the NetScaler Console due to improper authentication. This allows an unauthenticated attacker to obtain an admin-level session ID from an internal API and use it to create other admin users on the system. The vulnerability can be exploited by an attacker with network access to the management interface, enabling them to access sensitive information.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Weakness Enumeration

Related Identifiers

BDU:2024-05547
CVE-2024-6235

Affected Products

Citrix NetScaler Console