Overview
- Description: Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform authenticated (low-privileged) remote code execution on the management interface.
- Source: secure@citrix.com
- NVD status: Analyzed
Risk scores
CVSS 3.1
- Type: Primary
- Base score: 8.8
- Impact score: 5.9
- Exploitability score: 2.8
- Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity: HIGH
Known exploits
Data from CISA
- Vulnerability name: Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability
- Exploit added on: Jan 17, 2024
- Exploit action due: Jan 24, 2024
- Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Social media
- Hype score: Not currently trending
Configurations
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          { "criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*", "vulnerable": true, "matchCriteriaId": "E5672003-8E6B-4316-B5C9-FE436080ADD1", "versionEndExcluding": "12.1-55.302", "versionStartIncluding": "12.1" },
          { "criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:ndcpp:*:*:*", "vulnerable": true, "matchCriteriaId": "D1A11ABD-4F45-4BA9-B30B-F1D8A612CC15", "versionEndExcluding": "12.1-55.302", "versionStartIncluding": "12.1" },
          { "criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "FC0A5AAC-62DD-416A-A801-A7A95D5EF73C", "versionEndExcluding": "13.0-92.21", "versionStartIncluding": "13.0" },
          { "criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*", "vulnerable": true, "matchCriteriaId": "8C8A6B95-8338-4EE7-A6EC-7D84AEDC4AF3", "versionEndExcluding": "13.1-37.176", "versionStartIncluding": "13.1" },
          { "criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "3CF77D9D-FC89-493D-B97D-F9699D182F54", "versionEndExcluding": "13.1-51.15", "versionStartIncluding": "13.1" },
          { "criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "62CD82CF-9013-4E54-B175-19B804A351AA", "versionEndExcluding": "14.1-12.35", "versionStartIncluding": "14.1" },
          { "criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68E1F810-ABCD-40A7-A8C1-4E8727799C7C", "versionEndExcluding": "13.0-92.21", "versionStartIncluding": "13.0" },
          { "criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E870C309-D5CD-4181-9DEB-4833DE2EAEB7", "versionEndExcluding": "13.1-51.15", "versionStartIncluding": "13.1" },
          { "criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2836707F-A36F-479E-BFDC-CF55AEFC37EE", "versionEndExcluding": "14.1-12.35", "versionStartIncluding": "14.1" }
        ],
        "operator": "OR"
      }
    ]
  }
]