Multiple vulnerabilities in Citrix NetScaler Console, NetScaler SVM and NetScaler Agent

Published: 2024-07-10

Risk	Medium
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2024-6235 CVE-2024-6236
CWE-ID	CWE-287 CWE-119
Exploitation vector	Local network
Public exploit	N/A
Vulnerable software	NetScaler Console (formerly NetScaler ADM) Other software / Other software solutions NetScaler SDX (SVM) Other software / Other software solutions NetScaler Agent Other software / Other software solutions
Vendor	Citrix

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Improper Authentication

EUVDB-ID: #VU94077

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-6235

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests. A remote attacker on the local network can bypass authentication process and gain unauthorized access to sensitive information.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

NetScaler Console (formerly NetScaler ADM): before 14.1-25.53

CPE2.3

cpe:2.3:a:citrix:netscaler_console:*:*:*:*:*:*:*:*

External links

https://support.citrix.com/article/CTX677998/netscaler-console-agent-and-svm-security-bulletin-for-cve20246235-and-cve20246236

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Buffer overflow

EUVDB-ID: #VU94078

Risk: Low

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-6236

CWE-ID: CWE-119 - Memory corruption