#VU9683 Information disclosure in Citrix NetScaler
Vulnerability identifier: #VU9683
Vulnerability risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-200
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Citrix NetScaler
Server applications /
Remote management servers, RDP, SSH
Vendor: Citrix
Description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists on systems using TLS with client certificates enabled and Diffie-Hellman Ephemeral (DHE) key exchange due to unspecified error. A remote attacker can obtain cleartext traffic from the backend client TLS handshake.
Mitigation
Update to version 10.5 build 67.13, 11.0 build 71.22, 11.1 build 56.19, 12.0 build 53.22 or later.
Vulnerable software versions
Citrix NetScaler: 10.5 - 12.0 Build 53.13
External links
http://support.citrix.com/article/CTX230612
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
