CVE-2023-3467

Published Jul 19, 2023

Last updated a year ago

CVSS high 8.0

Overview

Description: Privilege Escalation to root administrator (nsroot)
Source: secure@citrix.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 8
Impact score: 5.9
Exploitability score: 2.1
Vector string: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
secure@citrix.com: CWE-269

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8927B2FA-F87E-4D81-AC29-9032184ECB7E",
            "versionEndExcluding": "12.1-55.297",
            "versionStartIncluding": "12.1"
          },
          {
            "criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:ndcpp:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9845E7B1-5604-497D-8241-048E91987C13",
            "versionEndExcluding": "12.1-55.297",
            "versionStartIncluding": "12.1"
          },
          {
            "criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD949674-8DC1-4B0D-8C0C-F593539E12F1",
            "versionEndExcluding": "13.0-91.13",
            "versionStartIncluding": "13.0"
          },
          {
            "criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD0739E3-F7A4-463C-96B0-9D7BDBF218C4",
            "versionEndExcluding": "13.1-37.159",
            "versionStartIncluding": "13.1"
          },
          {
            "criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCEED8AC-F9A9-4F75-BB32-F53967A8E9A0",
            "versionEndExcluding": "13.1-49.13",
            "versionStartIncluding": "13.1"
          },
          {
            "criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:11.1-65.22:*:*:*:fips:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "102C0D0F-AC37-43B0-8B9A-103B37436130"
          },
          {
            "criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC825A83-8D84-42C7-868F-0470FF79D497",
            "versionEndExcluding": "13.0-91.13",
            "versionStartIncluding": "13.0"
          },
          {
            "criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "442F6925-199D-4E5B-84C1-05C4D8108B62",
            "versionEndExcluding": "13.1-49.13",
            "versionStartIncluding": "13.1"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References