Overview
- Description
- Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read
- Source
- secure@citrix.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
Known exploits
Data from CISA
- Vulnerability name
- Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability
- Exploit added on
- Jan 17, 2024
- Exploit action due
- Feb 7, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5672003-8E6B-4316-B5C9-FE436080ADD1",
"versionEndExcluding": "12.1-55.302",
"versionStartIncluding": "12.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:ndcpp:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D1A11ABD-4F45-4BA9-B30B-F1D8A612CC15",
"versionEndExcluding": "12.1-55.302",
"versionStartIncluding": "12.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC0A5AAC-62DD-416A-A801-A7A95D5EF73C",
"versionEndExcluding": "13.0-92.21",
"versionStartIncluding": "13.0"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C8A6B95-8338-4EE7-A6EC-7D84AEDC4AF3",
"versionEndExcluding": "13.1-37.176",
"versionStartIncluding": "13.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3CF77D9D-FC89-493D-B97D-F9699D182F54",
"versionEndExcluding": "13.1-51.15",
"versionStartIncluding": "13.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62CD82CF-9013-4E54-B175-19B804A351AA",
"versionEndExcluding": "14.1-12.35",
"versionStartIncluding": "14.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68E1F810-ABCD-40A7-A8C1-4E8727799C7C",
"versionEndExcluding": "13.0-92.21",
"versionStartIncluding": "13.0"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E870C309-D5CD-4181-9DEB-4833DE2EAEB7",
"versionEndExcluding": "13.1-51.15",
"versionStartIncluding": "13.1"
},
{
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2836707F-A36F-479E-BFDC-CF55AEFC37EE",
"versionEndExcluding": "14.1-12.35",
"versionStartIncluding": "14.1"
}
],
"operator": "OR"
}
]
}
]