Lucene search
CitrixCVE-2023-3519HistoryJul 19, 2023 - 6:15 p.m.
CVE-2023-3519
2023-07-1918:15:11
CWE-94
Citrix
web.nvd.nist.gov
986
In Wild
20
nvd
cve
unauthenticated
remote code execution
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.966
Percentile
99.7%
Unauthenticated remote code execution
Affected configurations
Node
citrixnetscaler_application_delivery_controllerRange12.1β12.1-55.297fips
ORcitrixnetscaler_application_delivery_controllerRange12.1β12.1-55.297ndcpp
ORcitrixnetscaler_application_delivery_controllerRange13.0β13.0-91.13-
ORcitrixnetscaler_application_delivery_controllerRange13.1β13.1-37.159fips
ORcitrixnetscaler_application_delivery_controllerRange13.1β13.1-49.13-
ORcitrixnetscaler_application_delivery_controllerMatch11.1-65.22fips
ORcitrixnetscaler_gatewayRange13.0β13.0-91.13
ORcitrixnetscaler_gatewayRange13.1β13.1-49.13
| Vendor | Product | Version | CPE |
|---|---|---|---|
| citrix | netscaler_application_delivery_controller | * | cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:* |
| citrix | netscaler_application_delivery_controller | * | cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:ndcpp:*:*:* |
| citrix | netscaler_application_delivery_controller | * | cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:* |
| citrix | netscaler_application_delivery_controller | 11.1-65.22 | cpe:2.3:a:citrix:netscaler_application_delivery_controller:11.1-65.22:*:*:*:fips:*:*:* |
| citrix | netscaler_gateway | * | cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "NetScaler ADCβ―",
"vendor": "Citrix",
"versions": [
{
"lessThan": "49.13",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "91.13",
"status": "affected",
"version": "13.0",
"versionType": "patch"
},
{
"lessThan": "37.159",
"status": "affected",
"version": "13.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.297",
"status": "affected",
"version": "12.1-FIPS",
"versionType": "patch"
},
{
"lessThan": "55.297",
"status": "affected",
"version": "12.1-NDcPP",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NetScaler Gateway",
"vendor": "Citrix",
"versions": [
{
"lessThan": "49.13",
"status": "affected",
"version": "13.1",
"versionType": "patch"
},
{
"lessThan": "91.13",
"status": "affected",
"version": "13.0",
"versionType": "patch"
}
]
}
]References
Social References
More
Related
malwarebytes
malwarebytes
A week in security (July 17 - 23)
2023-07-24 02:00:00
Citrix NetScalers backdoored in widespread exploitation campaign
2023-08-17 01:00:00
impervablog
impervablog
CVE-2023-3519: NetScaler (Citrix) RCE Blocked By Imperva
2023-07-23 09:46:23
githubexploit
githubexploit
thn
thn
prion
prion
Remote code execution
2023-07-19 18:15:00
saint
saint
Citrix ADC nsppe buffer overflow
2023-08-09 00:00:00
Citrix ADC nsppe buffer overflow
2023-08-09 00:00:00
attackerkb
attackerkb
CVE-2023-3519
2023-07-19 00:00:00
metasploit
metasploit
Citrix ADC (NetScaler) Forms SSO Target RCE
2023-07-31 21:30:52
packetstorm
packetstorm
Citrix ADC (NetScaler) Remote Code Execution
2023-08-04 00:00:00
cisa_kev
cisa_kev
Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability
2023-07-19 00:00:00
cvelist
cvelist
CVE-2023-3519
2023-07-19 17:51:39
nvd
nvd
CVE-2023-3519
2023-07-19 18:15:11
zdt
zdt
Citrix ADC (NetScaler) Remote Code Execution Exploit
2023-08-08 00:00:00
nessus
nessus
Citrix ADC and Citrix Gateway Multiple Vulnerabilities (CTX561482)
2023-07-18 00:00:00
ics
ics
Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells
2023-07-20 12:00:00
Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations
2024-08-28 12:00:00
#StopRansomware: RansomHub Ransomware
2024-08-29 12:00:00
rapid7blog
rapid7blog
Whatβs New in InsightVM and Nexpose: Q3 2023 in Review
2023-09-29 19:42:26
Metasploit weekly wrap-up
2023-08-11 15:22:20
citrix
citrix
trellix
trellix
The Bug Report - July 2023 Edition
2023-08-02 00:00:00
The Bug Report - July 2023 Edition
2023-08-02 00:00:00
securelist
securelist
IT threat evolution in Q3 2023. Non-mobile statistics
2023-12-01 10:00:03
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.7
Confidence
High
EPSS
0.966
Percentile
99.7%
Related for CVE-2023-3519