CVE-2023-6549
Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability
CVSS
—
No CVSS
EPSS
57.6%
p99
KEV
YES
Jan 17, 2024
Exploit Today
80
0-100
Published: — · Last modified: —
Product
Citrix / NetScaler ADC and NetScaler Gateway
Vulnerability
Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability
Added to KEV
Jan 17, 2024
Remediate by
Feb 7, 2024
Known ransomware use
No
Summary description
Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for a denial-of-service when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes
https://support.citrix.com/article/CTX584986/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20236548-and-cve20236549; https://nvd.nist.gov/vuln/detail/CVE-2023-6549