CVE-2023-3519 - Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability

CVE ID:CVE-2023-3519

Project:Citrix

Product:NetScaler ADC and NetScaler Gateway

Date Added:2023-07-19Due Date:2023-08-09

Vulnerability Name

Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability

Description

Citrix NetScaler ADC and NetScaler Gateway contains a code injection vulnerability that allows for unauthenticated remote code execution.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467

https://nvd.nist.gov/vuln/detail/CVE-2023-3519

Related News Articles

What 2024 taught us about security vulnerabiltiesJanuary 14, 2025

Chinese APT Group Is Ransacking Japan's SecretsJanuary 10, 2025

MirrorFace hackers targeting Japanese govt, politicians since 2019January 10, 2025

Zero-days dominate top frequently exploited vulnerabilitiesNovember 14, 2024

RansomHub Ransomware Group Targets 210 Victims Across Critical SectorsSeptember 2, 2024

Top Security News

Latest CVE List

Top Alert List

CSP
Content Security Policy (CSP) Header Not Set
MediumAbsence of Anti-CSRF Tokens
MediumMissing Anti-clickjacking Header
InformationalInformation Disclosure - Suspicious Comments
LowCross-Domain JavaScript Source File Inclusion
MediumContent Security Policy (CSP) Header Not Set
LowTimestamp Disclosure - Unix
LowCSP: X-Content-Security-Policy
InformationalRe-examine Cache-control Directives

Top CWE List