NetScaler investigation recommendations for CVE-2023-4966

Can you have too much on this one?

I see that there are some new links on the advice about this CVE. The updated blog is here

On October 10, 2023, Cloud Software Group released builds to fix CVE-2023-4966, which affects NetScaler ADC and NetScaler Gateway. If exploited, CVE-2023-4966 can result in unauthorized data disclosure. This vulnerability was discovered by our internal team, and at the time of disclosure, we were not aware of any exploits in the wild. 

We now have reports of incidents consistent with session hijacking, and have received credible reports of targeted attacks exploiting this vulnerability.

You can find details of the orginial security bulletin here. 

Further reading?

CISA Guidance: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-4966&sort_by=field_date_added

Mandiant Article: https://www.mandiant.com/resources/blog/remediation-netscaler-adc-gateway-cve-2023-4966

Thanks Mark Burdick, for pointing these out to me.