Citrix NetScaler ADC/Gateway OOB Buffer Read DoS
CVE-2023-6549 Published on January 17, 2024
Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read
Known Exploited Vulnerability
This Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for a denial-of-service when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
The following remediation steps are recommended / required by February 7, 2024: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Vulnerability Analysis
CVE-2023-6549 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. This vulnerability is known to be actively exploited by threat actors in an automatable fashion. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, with no impact on integrity, and a high impact on availability.
Weakness Type
What is a Buffer Overflow Vulnerability?
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
CVE-2023-6549 has been classified to as a Buffer Overflow vulnerability or weakness.
Products Associated with CVE-2023-6549
stack.watch emails you whenever new vulnerabilities are published in Citrix Netscaler Gateway or Citrix Netscaler Application Delivery Controller. Just hit a watch button to start following.
Affected Versions
Cloud Software Group NetScaler ADC:- Version 14.1 and below 12.35 is affected.
- Version 13.1 and below 51.15 is affected.
- Version 13.0 and below 92.21 is affected.
- Version 13.1-FIPS and below 37.176 is affected.
- Version 12.1-FIPS and below 55.302 is affected.
- Version 12.1-NDcPP and below 55.302 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.