(Mal wieder) In aller Kürze: Soeben kam ein Mail-Alert vom Citrix Knowledecenter mit Verweis auf folgenden CTX Artikel: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-6548 and CVE-2023-6549 (citrix.com)
Hier die Mail zu den CVEs:
This email is to notify you that the following high severity Security Bulletin has been newly created or modified.
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-6548 and CVE-2023-6549
Applicable Products
- Netscaler
- Netscaler Gateway
Description of Problem
Two vulnerabilities have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway).
Affected Versions:
The following supported versions of NetScaler ADC and NetScaler Gateway are affected by the vulnerabilities:
- NetScaler ADC and NetScaler Gateway 14.1 before 14.1-12.35
- NetScaler ADC and NetScaler Gateway 13.1 before 13.1-51.15
- NetScaler ADC and NetScaler Gateway 13.0 before 13.0-92.21
- NetScaler ADC 13.1-FIPS before 13.1-37.176
- NetScaler ADC 12.1-FIPS before 12.1-55.302
- NetScaler ADC 12.1-NDcPP before 12.1-55.302
Note: NetScaler ADC and NetScaler Gateway version 12.1 is now End Of Life (EOL) and is vulnerable.
This bulletin only applies to customer-managed NetScaler ADC and NetScaler Gateway products. Customers using Citrix-managed cloud services or Citrix-managed Adaptive Authentication do not need to take any action.Summary:
NetScaler ADC and NetScaler Gateway contain the vulnerabilities described below.What Customers should do?
Citrix recommends that you immediately review this Security Bulletin at https://support.citrix.com/article/CTX584986/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20236548-and-cve20236549 as action may be needed to protect your environment.
E-Mail-Alarm aus dem Citrix Knowledecenter
Happy Patching (sobald die Citrix Download Seite wieder erreichbar ist)! 🙂
Schreibe einen Kommentar