Citrixbleed (cve-2023-4966) – detections

Intel Name: Citrixbleed (cve-2023-4966) – detections

Date of Scan: September 17, 2024

Impact: High

Summary:
Citrix Bleed (CVE-2023-4966) is a critical information disclosure vulnerability impacting Citrix Netscaler Gateway and Netscaler ADC products, with a CVSS score of 9.4. Citrix addressed this issue with a patch released on October 10, 2023.This vulnerability enables unauthenticated attackers to extract session tokens through a specially crafted request, potentially gaining unauthorized access to affected systems. Additionally, security firm Assetnote has published detailed information and proof of concept (PoC) code for exploiting this vulnerability.

More Details