How to Fix CVE-2023-3519- An Unauthenticated Remote Code Execution Vulnerability in Citrix Products?

Citrix published a Security Bulletin on 19th July 2023 in which it disclosed 3 new vulnerabilities in Citrix ADC and Gateway Products. All three tracked under the identifiers CVE-2023-3519, CVE-2023-3466, and CVE-2023-3467 are rated Critical and High in severity with CVSS scores of 9.8, 8.3, and 8 respectively. The exploitation of these vulnerabilities would allow adversaries to perform Code Injection, Remote Code Execution, Privilege Escalation to root, and Reflected Cross-Site Scripting attacks on vulnerable versions of NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway. It is highly recommended that organizations who use NetSclar/Citrix ADC and Gateway Products should patch all these vulnerabilities in Citrix ADC and Gateway Products. Without further due, let’s see how to fix CVE-2023-3519 (Unauthenticated Remote Code Execution Vulnerability in Citrix Products) with the other two vulnerabilities in this post.

A Short Note About Citrix ADC and Gateway Products

Citrix ADC (Application Delivery Controller) and Gateway are integral components of the Citrix networking portfolio, designed to streamline and enhance network performance, security, and manageability.

Citrix ADC is an industry-leading application delivery and load-balancing solution that enables IT departments to deliver applications securely and at high speed. It offers multiple capabilities such as load balancing, content switching, SSL offloading, application firewall, optimization, and connection multiplexing, to name a few. Citrix ADC is available in different form factors including hardware, virtual, and cloud-based instances to cater to diverse organizational needs. It supports a wide range of protocols and provides SSL VPN access to applications, making it a one-stop solution for application delivery.

On the other hand, Citrix Gateway is a robust networking solution designed to provide secure, remote access to applications and desktops. It provides a secure SSL VPN connection between users and applications, enabling organizations to control access on a granular level. Citrix Gateway works in tandem with Citrix Virtual Apps and Desktops, ensuring that remote and mobile workers have secure access to their enterprise resources. It offers advanced features like single sign-on, multi-factor authentication, and session policies which enhance the security and usability of the system.

See also  How to Fix CVE-2023-24329- URL Parsing Issue in Python?

Summary of CVE-2023-3519 With Other Two Vulnerabilities

As per the advisory released by Citrix, there are three vulnerabilities identified in Citrix ADC and Gateway Products. Out of the three vulnerabilities, one is critical, and the remaining two are high in severity. All three were tracked under the identifiers CVE-2023-3519, CVE-2023-3466, and CVE-2023-3467 are rated Critical with CVSS scores of 9.8, 8.3, and 8.0 out of 10, respectively.

CVE ID Description CVSS Score Severity
CVE-2023-3519 Unauthenticated remote code execution 9.8 Critical
CVE-2023-3466 Reflected Cross-Site Scripting (XSS) 8.3 High
CVE-2023-3467 Privilege Escalation to root administrator (nsroot) 8.0 High

CVE-2023-3519

This is a critical severity Unauthenticated remote code execution vulnerability in Citrix ADC and Citrix Gateway products. This flaw can only be exploited only if the appliances are configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

See Also  Step-By-Step Procedure To Install CentOS Linux On VMWare Workstation

CVE-2023-3466

This is a High severity Reflected Cross-Site Scripting (XSS) vulnerability in Citrix ADC and Citrix Gateway products. The flaw is due to Improper Control of the Generation of Code (‘Code Injection’). Attackers could exploit the victim by tricking them to click on their controlled malicious link while being on a network with connectivity to the NSIP.

CVE-2023-3467

This is a High severity Privilege Escalation to root administrator (nsroot) vulnerability in Citrix ADC and Citrix Gateway products. The flaw is due to Improper Privilege Management. Prior authentication is required to exploit this vulnerability.

Citrix Products Affected by These Vulnerabilities

According to Wouter Rijkbost and Jorren Geurts, security researchers at Resillion, these products are vulnerable to these flaws.

  • NetScaler ADC and NetScaler Gateway 13.1 before 13.1-49.13
  • NetScaler ADC and NetScaler Gateway 13.0 before 13.0-91.13
  • NetScaler ADC 13.1-FIPS before 13.1-37.159
  • NetScaler ADC 12.1-FIPS before 12.1-55.297
  • NetScaler ADC 12.1-NDcPP before 12.1-55.297
See also  What is There in The Verizon’s Data Breach Investigations Report- 2023

Note: NetScaler ADC and NetScaler Gateway version 12.1 is now End Of Life (EOL) and is vulnerable.

How to Fix CVE-2023-3519- An Unauthenticated Remote Code Execution Vulnerability in Citrix Products?

Citrix has responded these vulnerabilities by releasing the patches. We recommend installing the relevant updated versions of Citrix ADC or Citrix Gateway as soon as possible. Please download the latest versions of Citrix ADC and Citrix Gateway to apply the patches.

Patched versions of Citrix ADC and Gateway Products are:

  • NetScaler ADC and NetScaler Gateway 13.1-49.13  and later releases
  • NetScaler ADC and NetScaler Gateway 13.0-91.13  and later releases of 13.0
  • NetScaler ADC 13.1-FIPS 13.1-37.159 and later releases of 13.1-FIPS
  • NetScaler ADC 12.1-FIPS 12.1-55.297 and later releases of 12.1-FIPS
  • NetScaler ADC 12.1-NDcPP 12.1-55.297 and later releases of 12.1-NDcPP

Note: NetScaler ADC and NetScaler Gateway version 12.1 is now End Of Life (EOL). Customers are recommended to upgrade their appliances to one of the supported versions that address the vulnerabilities.

How To Upgrade Citrix ADC?

There are different ways to upgrade the Citrix ADC appliance. Please take a look at those here:

How To Upgrade Citirx ADC

How To Upgrade Citrix Gateway?

There are different ways to upgrade the Citrix Gateway appliance. Please take a look at those here:

How To Upgrade Citirx Gateway using upgrade wizard
How To Upgrade Citirx Gateway using command prompt

Leave a Reply

Your email address will not be published. Required fields are marked *