Citrix is urging administrators to promptly secure all NetScaler ADC and Gateway devices because of ongoing attacks exploiting the critical vulnerability CVE-2023-4966.
Citrix released a patch for this vulnerability two weeks ago. The flaw allows unauthorized disclosure of sensitive information and has been assigned a severity score of 9.4/10 on the CVSS scale, as it can be exploited remotely without authentication or user interaction.
NetScaler devices are susceptible to these attacks only if they are configured as a Gateway or used in AAA mode.
AAA comprises three processes:
| Process | Description | 
|---|---|
| Authentication | Verification of the user’s identity when attempting to access the network or network device. This typically involves the use of login credentials, but other methods such as certificates, smart cards, or biometrics may be utilized. | 
| Authorization | Definition of the user’s rights and restrictions on the network, determining the resources they can access, commands they can execute, data they can view, etc. | 
| Accounting | Recording and tracking of information pertaining to the user’s actions on the network. This includes details such as connection times, data transfer amounts, resources utilized, etc. | 
AAA implementation in networks often involves the use of dedicated access servers that process requests from network devices or clients.
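To check the exposure condition stated above (a device configured as a Gateway or used in AAA mode), the following added example, which is not Citrix's code, scans the text of a saved `ns.conf` for virtual server definitions in those two roles. It assumes that `add vpn vserver` and `add authentication vserver` are the configuration commands that define Gateway and AAA virtual servers; the function name and the sample configuration are constructed for illustration.

```python
import shlex

# ns.conf commands that define the two exposed roles named in the article.
EXPOSED_ROLES = {
    ("add", "vpn", "vserver"): "Gateway",
    ("add", "authentication", "vserver"): "AAA",
}

# Constructed sample configuration (documentation-range addresses).
SAMPLE_NS_CONF = """\
set ns config -IPAddress 192.0.2.10 -netmask 255.255.255.0
add lb vserver lb_web HTTP 192.0.2.20 80 -persistenceType NONE
add authentication vserver aaa_portal SSL 192.0.2.30 443
add vpn vserver "Remote Access GW" SSL 192.0.2.40 443 -icaOnly ON
bind vpn vserver "Remote Access GW" -policy pol_session -priority 100
"""


def find_exposed_vservers(ns_conf_text):
    """Return one dict per Gateway or AAA virtual server defined in the text."""
    found = []
    for raw in ns_conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            tokens = shlex.split(line)  # keeps quoted names with spaces intact
        except ValueError:
            tokens = line.split()  # unbalanced quotes: fall back to plain split
        role = EXPOSED_ROLES.get(tuple(t.lower() for t in tokens[:3]))
        if role is None:
            continue
        # Positional arguments (name, protocol, IP, port) end at the first -option.
        positional = []
        for tok in tokens[3:]:
            if tok.startswith("-"):
                break
            positional.append(tok)
        name, proto, ip, port = (positional + [None] * 4)[:4]
        found.append({"role": role, "name": name, "protocol": proto,
                      "ip": ip, "port": port})
    return found


if __name__ == "__main__":
    for vs in find_exposed_vservers(SAMPLE_NS_CONF):
        print(f"{vs['role']:8} {vs['name']!r} {vs['protocol']} {vs['ip']}:{vs['port']}")
```

An empty result means the saved configuration defines no virtual server in either role; any entry returned identifies a device that meets the condition and should be prioritized for the patch.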