Intel Name: Citrixbleed (CVE-2023-4966) – detections
Date of Scan: September 17, 2024
Impact: High
Summary: Citrix Bleed (CVE-2023-4966) is a critical information disclosure vulnerability impacting Citrix NetScaler Gateway and NetScaler ADC products, with a CVSS score of 9.4. Citrix addressed this issue with a patch released on October 10, 2023. This vulnerability enables unauthenticated attackers to extract session tokens through a specially crafted request and potentially gain unauthorized access to affected systems. Additionally, security firm Assetnote has published detailed information and proof of concept (PoC) code for exploiting this vulnerability.