CVE-2023-6548

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jan 17, 2024
Updated: Jan 25, 2024
CWE ID 94

Summary

CVE-2023-6548 is a code injection vulnerability affecting NetScaler ADC and Gateway. An attacker with access to NSIP, CLIP, or SNIP through the management interface can carry out authenticated, low-privileged remote code execution on the management interface. This issue arises due to the improper control of code generation. Successful exploitation can lead to significant security implications, including unauthorized access and system compromise. Organizations using these products are advised to apply the available patches or mitigations immediately to protect against potential attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Citrix NetScaler Application Delivery Controller (ADC)
  • Citrix Netscaler Gateway

Affected Vendors

  • Citrix Systems