VDB
CVE-2023-4967
CVE-2023-4967
PUBLISHED
Es besteht eine Schwachstelle in Citrix Systems ADC und Citrix Systems Citrix Gateway. Dieser Fehler besteht aufgrund einer unzulässigen Einschränkung von Operationen innerhalb der Grenzen eines Speicherpuffers. Ein entfernter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.
EPSS 0.57% · 68.9th percentile
Risk Scores
EPSS Score
0.57%
68.9th percentile
Exploit Intelligence
- https://support.citrix.com/article/CTX579459/ (circl)
- apt_ransom_lockbit_citrixbleed_nov23.yar (github-yara)
- apt_ransom_lockbit_citrixbleed_nov23.yar (github-yara)
- apt_ransom_lockbit_citrixbleed_nov23.yar (github-yara)
- apt_ransom_lockbit_citrixbleed_nov23.yar (github-yara)
- apt_ransom_lockbit_citrixbleed_nov23.yar (github-yara)
- apt_ransom_lockbit_citrixbleed_nov23.yar (github-yara)
- apt_ransom_lockbit_citrixbleed_nov23.yar (github-yara)
- apt_ransom_lockbit_citrixbleed_nov23.yar (github-yara)
- apt_ransom_lockbit_citrixbleed_nov23.yar (github-yara)
…and 255 more exploits
Timeline
- Oct 10, 2023 CVE Published
- Oct 28, 2023 EPSS Score
- Nov 9, 2023 CVE Updated
- Nov 28, 2023 EPSS Score
- Dec 4, 2023 PoC Published
- Dec 18, 2023 PoC Published
- Dec 29, 2023 EPSS Score
- Jan 28, 2024 EPSS Score
- Feb 28, 2024 EPSS Score
- Mar 1, 2024 PoC Published
- Mar 30, 2024 EPSS Score
- Apr 30, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2605.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2605 advisory
- https://www.mandiant.com/resources/blog/remediation-netscaler-adc-gateway-cve-2023-4966 advisory
- https://support.citrix.com/article/CTX579459 advisory