![]() References Details of the VulnerabilitiesĬVE-2023-3519 is a remote code execution (RCE) vulnerability with a CVSS severity score of 9.8 that was disclosed on July 18, 2023. Next-Generation Firewalls and Prisma Access With Advanced Threat Prevention Palo Alto Networks Product Protections for CVE-2023-3519 Palo Alto Networks also recommends patching against these vulnerabilities, including CVE-2023-3519, with the software update provided by Citrix. Cortex Xpanse customers can identify external-facing instances of the application through the “ Insecure Citrix Application Delivery Controller” attack surface rule.Next-Generation Firewall with the Advanced Threat Prevention security subscription can help block the attacks.Palo Alto Networks customers receive protections from and mitigations for CVE-2023-3519 in the following ways: The Cybersecurity and Infrastructure Security Agency (CISA) has also released an advisory detailing an attack using this vulnerability. Vulnerabilities on Citrix-managed servers have already been mitigated.Ĭitrix states that they have observed attacks targeting CVE-2023-3519 against appliances that haven’t been patched. When these appliances are configured as a gateway or authentication server and managed by a customer (i.e., not Citrix-managed) they can be vulnerable to remote code execution initiated by an attacker. On July 18, 2023, Citrix published a security bulletin for vulnerabilities affecting their NetScaler ADC and NetScaler Gateway products.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |