CVE-2024-12284

Published Feb 20, 2025

Last updated a month ago

CVSS high 8.8

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2024-12284 is a vulnerability found in NetScaler Console (formerly NetScaler ADM) and NetScaler Console Agent. It stems from insufficient privilege management, allowing authenticated attackers to execute commands without proper authorization. The vulnerability only affects authenticated users who already possess access to the NetScaler Console. Exploiting this vulnerability allows malicious actors to execute unauthorized commands. Cloud Software Group, having released builds to address this issue on February 18, 2025, recommends using external authentication for NetScaler Console as a security best practice. Upgrading to the latest builds is recommended for users of on-premises NetScaler Console and NetScaler Console Agent. Users of the Citrix-managed NetScaler Console Service do not need to take any action.

Description
Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows.
Source
secure@citrix.com
NVD status
Received

Risk scores

CVSS 4.0

Type
Secondary
Base score
8.8
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
HIGH

Weaknesses

secure@citrix.com
CWE-269

Social media

Hype score
Not currently trending

  1. “NetScaler Console" və "NetScaler Agent”də boşluq (CVE-2024-12284) aşkar olunub #ETX #certaz #cybersecurity #kibertəhlükəsizlik #xəbərdarlıq #biznes https://t.co/xdEjoH1D5t

    @CERTAzerbaijan

    3 Mar 2025

    58 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 Critical Citrix Security #Update: #CVE-2024-12284 Puts NetScaler at Risk https://t.co/giCgnrtX3V

    @UndercodeNews

    28 Feb 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. BREAKING: Citrix releases urgent security fix for NetScaler Console & Agent due to high-severity vulnerability (CVE-2024-12284) allowing privilege escalation under certain conditions. Update your systems now to protect against potential attacks! https://t.co/AD2bhmP7bD

    @Synapze_

    26 Feb 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2024-12284: NetScaler Users Urged to Update Against Critical Flaw https://t.co/PHbQJBtvcp

    @hanul93

    22 Feb 2025

    23 Impressions

    1 Retweet

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. اCitrix CVE-2024-12284، یک نقص کنسول NetScaler (CVSS 8.8) را رفع می‌کند که امکان افزایش امتیاز را فراهم می‌کند. به‌روزرسانی فوری مورد نیاز است - هیچ راه‌حلی در دسترس نیست. https://t.co/chAAF0nYXZ

    @cybernetic_cy

    21 Feb 2025

    85 Impressions

    2 Retweets

    4 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🚨 CVE-2024-12284 🔴 HIGH (8.8) 🏢 NetScaler - Console 🏗️ 14.1 🔗 https://t.co/vvdqaMMmJR #CyberCron #VulnAlert https://t.co/l6yTrtom6G

    @cybercronai

    21 Feb 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. Une faille touche les Citrix Netscaller. Elle permet une élévation de privilège au niveau de la console d'administration. Les patchs de mises à jour sont disponibles. Pour en savoir plus sur l'alerte de sécurité CVE-2024-12284 https://t.co/6faBN5L0nx https://t.co/tRwmSTpBeq

    @_Nidouille_

    20 Feb 2025

    371 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. 🚨 A critical vulnerability (CVE-2024-12284) in NetScaler Console/Agent allows unauthorized command execution. Users must upgrade to patched versions to stay secure. ⚠️ #NetScaler #CloudSoftware #USA link: https://t.co/PJN5NK24DU https://t.co/WFDm1iEPPl

    @TweetThreatNews

    20 Feb 2025

    47 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. CVE-2024-12284 impacts NetScaler #CVE-2024-12284 #NetScaler https://t.co/Zk8KddR7Xq

    @pravin_karthik

    20 Feb 2025

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. Citrix has issued a security fix for a critical vulnerability (CVE-2024-12284) in NetScaler Console, allowing privilege escalation for authenticated users. Update to protect your systems! 🔒 #Citrix #NetScaler #SecurityUpdate link: https://t.co/im0IphaXRB https://t.co/mXK6lG0GLh

    @TweetThreatNews

    20 Feb 2025

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. ⚠️ Vulnerability Alert: NetScaler Console Privilege Escalation Vulnerability 📅 Timeline: Disclosure: 2025-02-20, Patch: 2025-02-20 📌 Attribution: 🆔cveId: CVE-2024-12284 📊baseScore: 8.8 📏cvssMetrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H cvssSeverity: High 🟠… http

    @syedaquib77

    20 Feb 2025

    37 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  12. CVE-2024-12284 in NetScaler Console Exposes Systems to Unauthorized Command Execution https://t.co/d9itUPiz38

    @Dinosn

    20 Feb 2025

    2818 Impressions

    21 Retweets

    44 Likes

    5 Bookmarks

    0 Replies

    0 Quotes

  13. Citrix has patched a severe flaw in NetScaler Console & Agent (CVE-2024-12284) with a CVSS score of 8.8. This privilege escalation bug could allow authenticated attackers to execute unauthorized actions. UPDATE immediately to the latest versions. Read: https://t.co/J23aKvl

    @TheHackersNews

    20 Feb 2025

    29382 Impressions

    28 Retweets

    67 Likes

    10 Bookmarks

    2 Replies

    0 Quotes

  14. [CVE-2024-12284: HIGH] Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows.#cybersecurity,#vulnerability https://t.co/PmJVOSprwo https://t.co/OsewE2UEDX

    @CveFindCom

    20 Feb 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. CVE-2024-12284 in NetScaler Console Exposes Systems to Unauthorized Command Execution Learn about CVE-2024-12284, a high-severity vulnerability in the NetScaler Console that poses serious security risks. https://t.co/CrHJjq5vJJ

    @the_yellow_fall

    19 Feb 2025

    301 Impressions

    2 Retweets

    4 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  16. CVE-2024-12284 Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows. https://t.co/tHqY48Ao9z

    @CVEnew

    19 Feb 2025

    491 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. NetScaler Console and NetScaler Agent Security Bulletin for CVE-2024-12284 A high-severity vulnerability has been identified in NetScaler Console and NetScaler Agent (Citrix ADM). Immediate action is recommended! Read the full security bulletin here https://t.co/AA14VPMg95 http

    @FerroqueSystems

    18 Feb 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. Citrix Secure Access Client for Mac Security Bulletin for CVE-2025-1222 and CVE-2025-1223, CVE-2024-12284 & CVE-2024-6387. https://t.co/qHdW3Qew0a

    @NetScalerTimes

    18 Feb 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References