A follow up on CVE-2023-6548 and CVE-2023-6549 from yesterday
A new blog...
I see that Anil has posted some details on that CVE from yesterday.
On January 16, 2024, Cloud Software Group released builds to fix CVE-2023-6548 and CVE-2023-6549, which affect NetScaler ADC and NetScaler Gateway.
You can find more details in the security bulletin.
These issues only apply to customer-managed NetScaler ADC and NetScaler Gateway. Customers using Citrix-managed cloud services or Citrix-managed Adaptive Authentication are not impacted.
We are aware of a limited number of exploits of each vulnerability in the wild. The vulnerabilities carry CVSSv3 scores of 5.5 and 8.2, respectively. We recommend immediate application of fixes — especially under certain circumstances as outlined below.