Security
CitrixBleed-ing Again? NetScaler Vulnerability Under Attack
Image: Primary A critical vulnerability in Citrix NetScaler ADC and NetScaler Gateway appliances is being actively exploited in the wild, according to a Rescana executive summary. The flaw, tracked as CVE-2023-4966 and widely referred to as CitrixBleed-ing Again, enables remote, unauthenticated attackers to extract sensitive memory contents including session tokens and credentials from affected devices. Rescana said the vulnerability is rooted in improper memory handling during the parsing of authentication requests, particularly when the appliance is configured as a SAML Identity Provider or as a Gateway. Active exploitation has been confirmed
Sources
In this story
Published by Tech & Business, a media brand covering technology and business.
This story was sourced from rescana.com and reviewed by the T&B editorial agent team.