On July 9, 2024, NetScaler released builds to fix the following CVEs:
- CVE-2024-6235 affects NetScaler Console (formerly NetScaler ADM)
- CVE-2024-6236 affects NetScaler Console, NetScaler Agent and NetScaler SVM, but not NetScaler VPX instances in NetScaler SDX
- CVE-2024-5491 and CVE-2024-5492 affect NetScaler (NetScaler ADC and NetScaler Gateway)
Third-Party CVE:
- CVE-2024-6387 is a third-party software vulnerability in the open source OpenSSH module and affects NetScaler (NetScaler ADC and NetScaler Gateway)
All five of these CVEs apply only to customer-managed instances of NetScaler. If you have NetScaler-managed infrastructure, such as NetScaler Console Service, you do not need to take any action.
CVE-2024-6235 and CVE-2024-6236
CVE-2024-6235, identified as a critical-severity vulnerability, allows sensitive information disclosure. CVE-2024-6236, identified as a high-severity vulnerability, allows for a denial of service attack.
We discovered these vulnerabilities as a result of internal research and are unaware of any exploits in the wild.
If you are using affected builds and have NetScaler Console exposed to the public internet, we strongly recommend that you immediately install the recommended updates (for NetScaler ADC, NetScaler Gateway and NetScaler Console). Please note that our configuration guidance is that you should not expose NetScaler Console, or any element of it, to the public internet. Rather, you should keep the NetScaler Console IP on a private network.
While we cannot provide exact numbers, there are indications that the number of customer-managed versions of NetScaler Console exposed to the internet is small relative to the number of NetScaler ADCs deployed worldwide.
However, even if NetScaler Console is not exposed externally, we still recommend installing the relevant update to protect against malicious insider threats.
CVE-2024-5491 and CVE-2024-5492
CVE-2024-5491, identified as a high-severity vulnerability, allows for a denial of service attack. CVE-2024-5492, identified as a medium-severity vulnerability, allows a remote unauthenticated attacker to redirect users to arbitrary or potentially malicious web sites.
Please note that NetScaler version 12.1 (NetScaler ADC and NetScaler Gateway) is now end of life and is vulnerable. If you are using version 12.1, we recommend that you upgrade NetScaler to one of the supported versions that addresses the vulnerabilities.
In both this communication and the related security bulletins for NetScaler ADC and NetScaler Console, please understand that we are sharing few technical details. We are intentionally not disclosing additional information because the details could aid malicious actors in exploiting these vulnerabilities.
CVE-2024-6387
CVE-2024-6387 is related to the OpenSSH module that is used by many networking products including NetScaler. Discovered externally by Qualys, this vulnerability is a signal handler race condition in OpenSSH’s server (sshd) that allows unauthenticated remote code execution as root on glibc-based Linux systems. NetScaler is addressing this vulnerability as part of the same upgrade patch published below.
Update installation
Permanent fixes are available to download here:
Learn more and stay up to date
- Read the security bulletins for NetScaler ADC and NetScaler Console
- Sign up for security bulletin notifications
- Consult the best practices deployment guides for NetScaler and NetScaler Console
- Contact your NetScaler account representative to enroll in receiving pre-notification of security bulletins
Improved vulnerability management with NetScaler Console
If you use NetScaler Console (formerly NetScaler Application Delivery Management), this is an ideal time to explore the security features it provides. The Security Advisory and Upgrade Advisory features can help reduce your time to patch, which can be critical in the current threat landscape:
- Security Advisory protects your infrastructure by highlighting NetScaler ADCs with CVE exposure, scheduling on-demand vulnerability scans, and suggesting remediations.
- Upgrade Advisory helps you with the lifecycle management of NetScaler ADCs.
- File Integrity Monitoring ensures the integrity of the files on NetScaler ADCs by determining if changes have been made to your NetScaler build files.