Lucene search

[email protected]CVE-2023-4967

HistoryOct 27, 2023 - 7:15 p.m.

CVE-2023-4967

2023-10-2719:15:41

CWE-119

[email protected]

web.nvd.nist.gov

172

cve-2023-4967

denial of service

netscaler adc

netscaler gateway

vpn

virtual server

ica proxy

cvpn

rdp proxy

aaa virtual server

nvd

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

0.0005 Low

EPSS

Percentile

17.1%

JSON

Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA Virtual Server

Affected configurations

NVD

Node

citrixnetscaler_application_delivery_controllerRange13.0–13.0-92.19

citrixnetscaler_application_delivery_controllerRange13.1–13.1-49.15

citrixnetscaler_application_delivery_controllerRange14.1–14.1-8.50

Node

citrixnetscaler_gatewayRange13.0–13.0-92.19

citrixnetscaler_gatewayRange13.1–13.1-49.15

citrixnetscaler_gatewayRange14.1–14.1-8.50

Node

citrixnetscaler_application_delivery_controllerRange12.1–12.1-55.300fips

citrixnetscaler_application_delivery_controllerRange12.1–12.1-55.300ndcpp

citrixnetscaler_application_delivery_controllerRange13.1–13.1-37.164fips

CPENameOperatorVersion
citrix:netscaler_application_delivery_controllercitrix netscaler application delivery controllerlt13.0-92.19
citrix:netscaler_application_delivery_controllercitrix netscaler application delivery controllerlt13.1-49.15
citrix:netscaler_application_delivery_controllercitrix netscaler application delivery controllerlt14.1-8.50

CPE	Name	Operator	Version
citrix:netscaler_application_delivery_controller	citrix netscaler application delivery controller	lt	13.0-92.19
citrix:netscaler_application_delivery_controller	citrix netscaler application delivery controller	lt	13.1-49.15
citrix:netscaler_application_delivery_controller	citrix netscaler application delivery controller	lt	14.1-8.50

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "NetScaler ADC",
    "vendor": "Cloud Software Group",
    "versions": [
      {
        "lessThan": "8.50",
        "status": "affected",
        "version": "14.1",
        "versionType": "patch"
      },
      {
        "lessThan": "49.15",
        "status": "affected",
        "version": "13.1",
        "versionType": "patch"
      },
      {
        "lessThan": "92.19",
        "status": "affected",
        "version": "13.0",
        "versionType": "patch"
      },
      {
        "lessThan": "37.164",
        "status": "affected",
        "version": "13.1-FIPS",
        "versionType": "patch"
      },
      {
        "lessThan": "55.300",
        "status": "affected",
        "version": "12.1-FIPS",
        "versionType": "patch"
      },
      {
        "lessThan": "55.300",
        "status": "affected",
        "version": "12.1-NDcPP",
        "versionType": "patch"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NetScaler Gateway",
    "vendor": "Cloud Software Group",
    "versions": [
      {
        "lessThan": "8.50",
        "status": "affected",
        "version": "14.1",
        "versionType": "patch"
      },
      {
        "lessThan": "49.15",
        "status": "affected",
        "version": "13.1",
        "versionType": "patch"
      },
      {
        "lessThan": "92.19",
        "status": "affected",
        "version": "13.0",
        "versionType": "patch"
      }
    ]
  }
]