On January 16, 2024, Cloud Software Group released builds to fix CVE-2023-6548 and CVE-2023-6549, which affect NetScaler ADC and NetScaler Gateway. You can find more details in the security bulletin. These issues only apply to customer-managed NetScaler ADC and NetScaler Gateway. Customers using Citrix-managed cloud services or Citrix-managed Adaptive Authentication … [Read more...] about High-severity updates are available for NetScaler ADC and NetScaler Gateway
Application security
Global financial transaction processor secures and optimizes its Citrix environment with NetScaler
Safeguarding sensitive data and ensuring optimal application performance are top priorities for many financial services enterprises, including a global financial transaction processor that relies on NetScaler to do exactly that. Like many NetScaler customers, this U.S.-based company in the financial services sector uses Citrix Virtual Apps and Desktops (CVAD) in conjunction … [Read more...] about Global financial transaction processor secures and optimizes its Citrix environment with NetScaler
NetScaler investigation recommendations for CVE-2023-4966
On October 10, 2023, NetScaler published a security bulletin for CVE-2023-4966 — now dubbed by some as “CitrixBleed” — that affects customer-managed NetScaler ADC and NetScaler Gateway. This critical vulnerability was discovered by our internal team. At the time we published the security bulletin, we were unaware that this vulnerability had been exploited in the wild, and … [Read more...] about NetScaler investigation recommendations for CVE-2023-4966
CVE-2023-4966: Critical security update now available for NetScaler ADC and NetScaler Gateway
On October 10, 2023, Cloud Software Group released builds to fix CVE-2023-4966, which affects NetScaler ADC and NetScaler Gateway. If exploited, CVE-2023-4966 can result in unauthorized data disclosure. This vulnerability was discovered by our internal team, and at the time of disclosure, we were not aware of any exploits in the wild. We now have reports of incidents … [Read more...] about CVE-2023-4966: Critical security update now available for NetScaler ADC and NetScaler Gateway
How to mitigate the HTTP/2 Rapid Reset vulnerability on NetScaler
On October 10, 2023, the National Institute of Standards and Technology (NIST) published CVE-2023-44487 that describes a potential issue with many HTTP/2 implementations: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October … [Read more...] about How to mitigate the HTTP/2 Rapid Reset vulnerability on NetScaler