Serial number: AV24-030
Date: January 16, 2024
On January 16, 2024, Citrix published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- NetScaler ADC and NetScaler Gateway 14.1 — versions prior to 14.1-12.35
- NetScaler ADC and NetScaler Gateway 13.1 — versions prior to 13.1-51.15
- NetScaler ADC and NetScaler Gateway 13.0 — versions prior to 13.0-92.21
- NetScaler ADC 13.1-FIPS — versions prior to 13.1-37.176
- NetScaler ADC 12.1-FIPS — versions prior to 12.1-55.302
- NetScaler ADC 12.1-NDcPP — versions prior to 12.1-55.302
Citrix has indicated that CVE-2023-6548 and CVE-2023-6549 have been actively exploited.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.