CVE-2023-6548
EUVD-2023-5877817.01.2024, 20:15
Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface.Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| citrix | netscaler_application_delivery_controller | 12.1 ≤ 𝑥 < 12.1-55.302 |
| citrix | netscaler_application_delivery_controller | 12.1 ≤ 𝑥 < 12.1-55.302 |
| citrix | netscaler_application_delivery_controller | 13.0 ≤ 𝑥 < 13.0-92.21 |
| citrix | netscaler_application_delivery_controller | 13.1 ≤ 𝑥 < 13.1-37.176 |
| citrix | netscaler_application_delivery_controller | 13.1 ≤ 𝑥 < 13.1-51.15 |
| citrix | netscaler_application_delivery_controller | 14.1 ≤ 𝑥 < 14.1-12.35 |
| citrix | netscaler_gateway | 13.0 ≤ 𝑥 < 13.0-92.21 |
| citrix | netscaler_gateway | 13.1 ≤ 𝑥 < 13.1-51.15 |
| citrix | netscaler_gateway | 14.1 ≤ 𝑥 < 14.1-12.35 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| citrix | netscaler_application_delivery_controller | 14.1 ≤ 𝑥 < 14.1-12.35 | ADP |
| citrix | netscaler_application_delivery_controller | 13.1 ≤ 𝑥 < 13.1-51.15 | ADP |
| citrix | netscaler_application_delivery_controller | 13.0 ≤ 𝑥 < 13.0-92.21 | ADP |
| citrix | netscaler_application_delivery_controller | 13.1 ≤ 𝑥 < 13.1-37.176 | ADP |
| citrix | netscaler_application_delivery_controller | 12.1 ≤ 𝑥 < 12.1-55.302 | ADP |
| citrix | netscaler_application_delivery_controller | 12.1 ≤ 𝑥 < 12.1-55.302 | ADP |
| citrix | netscaler_gateway | 14.1 ≤ 𝑥 < 14.1-12.35 | ADP |
| citrix | netscaler_gateway | 13.1 ≤ 𝑥 < 13.1-51.15 | ADP |
| citrix | netscaler_gateway | 13.0 ≤ 𝑥 < 13.0-92.21 | ADP |
References