Citrix NetScaler bug protection: Close all active sessions, says Mandiant

Mandiant Consulting advised security teams that applying the patch released to fix a recent Citrix NetScaler ADC and Gateway vulnerability is not enough on its own: they also need to close all active sessions to ensure that the vulnerable code is not resident in memory.

The vulnerability, CVE-2023-4966, which Citrix rates a critical 9.4, lets attackers steal the token of recently connected users, allowing the attacker to gain access to whatever resources the user has permissions to access in Citrix.

Source: SC Magazine

 

