Lucene search

CERTVU:521612

HistoryApr 25, 2013 - 12:00 a.m.

Citrix NetScaler and Access Gateway Enterprise Edition unauthorized access to network resources vulnerability

2013-04-2500:00:00

www.kb.cert.org

5.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:C/I:N/A:N

0.002 Low

EPSS

Percentile

56.9%

JSON

Overview

Citrix NetScaler and Access Gateway Enterprise Edition contain a vulnerability which could result in unauthorized access to network resources.

Description

Citrix NetScaler and Access Gateway Enterprise Edition contain a vulnerability which could allow a remote attacker to gain unauthorized access to network resources.

For additional information please see Citrix Advisory.

Impact

A remote attacker could gain unauthorized access to internal network resources.

Solution

Upgrade

Citrix Advisory states:

_A new version of the NetScaler appliance firmware has been released to address this vulnerability. Citrix strongly recommends that affected customers upgrade their appliances to version 9.3.62.x or later as soon as possible. Customers using NetScaler Access Gateway Enterprise Edition in the Common Criteria evaluated configuration should upgrade to 9.3.53.6. These new firmware versions can be downloaded from the Citrix website at the following location: __<https://www.citrix.com/downloads/netscaler-adc/firmware.html>__
_
_Customers using NetScaler appliance firmware versions up to and including 10.0.74.4 in a double hop deployment should apply the following configuration change from the NSCLI:

>add ns acl allowedHost ALLOW -srcIP <MIP/SNIP address of AGEE in the first DMZ> -destIP <ICA proxy VIP> -priority 10 #permit traffic only from the AGEE appliance in the first DMZ

>enable ns acl allowedHost

>add ns acl denyAll DENY -srcIP 0.0.0.0 - 255.255.255.255 -destIP <ICA proxy VIP> -priority 20 #block everything else

>enable ns acl denyAll
>apply ns acls_

Vendor Information

Citrix Advisory states:

_This vulnerability affects the following NetScaler Access Gateway Enterprise Edition configurations:

• All appliance firmware versions up to and including version 9.3.61.5 with the exception of Common Criteria build 9.3.53.6.

• All version 10.0 appliance firmware up to and including version 10.0.74.4 when deployed in a double hop configuration only.
Customers using an appliance with appliance firmware version 10.0 that is not deployed in a double hop configuration are not affected by this vulnerability._

521612

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Citrix __ Affected

Notified: March 15, 2013 Updated: April 25, 2013

Status

Affected

Vendor Statement

A new version of the NetScaler appliance firmware has been released to address this vulnerability. Citrix strongly recommends that affected customers upgrade their appliances to version 9.3.62.x or later as soon as possible. Customers using NetScaler Access Gateway Enterprise Edition in the Common Criteria evaluated configuration should upgrade to 9.3.53.6. These new firmware versions can be downloaded from the Citrix website at the following location: <https://www.citrix.com/downloads/netscaler-adc/firmware.html>

Customers using NetScaler appliance firmware versions up to and including 10.0.74.4 in a double hop deployment should apply the following configuration change from the NSCLI:

>add ns acl allowedHost ALLOW -srcIP <MIP/SNIP address of AGEE in the first DMZ> -destIP <ICA proxy VIP> -priority 10 #permit traffic only from the AGEE appliance in the first DMZ

>enable ns acl allowedHost

>add ns acl denyAll DENY -srcIP 0.0.0.0 - 255.255.255.255 -destIP <ICA proxy VIP> -priority 20 #block everything else

>enable ns acl denyAll
>apply ns acls

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

CVSS Metrics

Group	Score	Vector
Base	5.4	AV:N/AC:H/Au:N/C:C/I:N/A:N
Temporal	4.2	E:POC/RL:OF/RC:C
Environmental	4.5	CDP:LM/TD:M/CR:ND/IR:ND/AR:ND

References

Acknowledgements

Thanks to HyeongKwan Lee of SK Planet for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

CVE IDs:	CVE-2013-2767
Date Public:	2013-04-25 Date First Published:

References

support.citrix.com/article/ctx137238

www.citrix.com/downloads/netscaler-adc/firmware.html

5.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:C/I:N/A:N

0.002 Low

EPSS

Percentile

56.9%

JSON

Related for VU:521612

Citrix NetScaler and Access Gateway Enterprise Edition unauthorized access to network resources vulnerability

Overview

Description

Impact

Solution

Vendor Information

• All version 10.0 appliance firmware up to and including version 10.0.74.4 when deployed in a double hop configuration only. Customers using an appliance with appliance firmware version 10.0 that is not deployed in a double hop configuration are not affected by this vulnerability._

Citrix __ Affected

Status

Vendor Statement

Vendor Information

Vendor References

CVSS Metrics

References

Acknowledgements

Other Information

References

Related

• All version 10.0 appliance firmware up to and including version 10.0.74.4 when deployed in a double hop configuration only.
Customers using an appliance with appliance firmware version 10.0 that is not deployed in a double hop configuration are not affected by this vulnerability._