Analysis from the Intruder Security Team
Published Oct 15, 2024
The NetScaler suite of products includes load balancing, firewall and VPN services, so one possible impact is compromised remote access to your private networks. NetScaler responds to certain requests by dumping memory back to the sender, which can contain access tokens for logged in users. The exploit is as bad as whatever you’ve given access to remotely through your NetScaler system. And because they're logged in sessions, MFA won't protect you.
More information is available in our blog post here.
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*",
"vulnerable": true,
"matchCriteriaId": "492BEB4B-7A4B-47C2-93D1-2B0683AA3A20",
"versionEndExcluding": "12.1-55.300",
"versionStartIncluding": "12.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:ndcpp:*:*:*",
"vulnerable": true,
"matchCriteriaId": "81EF12C2-4197-4C0D-BE11-556F05DAD646",
"versionEndExcluding": "12.1-55.300",
"versionStartIncluding": "12.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9EEC53B2-686A-4C6F-98DE-5D6AE804B0A8",
"versionEndExcluding": "13.0-92.19",
"versionStartIncluding": "13.0"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*",
"vulnerable": true,
"matchCriteriaId": "109301A8-9ADD-4A49-9C45-D21A4DA840E9",
"versionEndExcluding": "13.1-37.164",
"versionStartIncluding": "13.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C1739C5-48C1-46BC-A524-B4CC4C5B6436",
"versionEndExcluding": "13.1-49.15",
"versionStartIncluding": "13.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9148C36D-98B4-4166-8B9A-449EA86BA4B1",
"versionEndExcluding": "14.1-8.50",
"versionStartIncluding": "14.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5FB1412D-F8D8-4592-A8A9-C1B841B93D5E",
"versionEndExcluding": "13.0-92.19",
"versionStartIncluding": "13.0"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "28A08B32-D145-499F-866E-BEEEDEBB2901",
"versionEndExcluding": "13.1-49.15",
"versionStartIncluding": "13.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F1610E6-FE48-4339-8E74-765E0517E33D",
"versionEndExcluding": "14.1-8.50",
"versionStartIncluding": "14.1"
}
],
"operator": "OR"
}
]
}
]