cbcvebase.
CVE-2023-24487
published 2023-07-10

CVE-2023-24487: Arbitrary file read in Citrix ADC and Citrix Gateway

PriorityP343high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
1.07%
60.7th percentile
Arbitrary file read in Citrix ADC and Citrix Gateway

Affected

17 ranges
VendorProductVersion rangeFixed in
citrixapplication_delivery_controller>= 12.1 < 12.1-55.29612.1-55.296
citrixapplication_delivery_controller>= 12.1 < 12.1-65.3512.1-65.35
citrixapplication_delivery_controller>= 13.0 < 13.0-90.1113.0-90.11
citrixapplication_delivery_controller>= 13.1 < 13.1-37.15013.1-37.150
citrixapplication_delivery_controller>= 13.1 < 13.1-45.6113.1-45.61
citrixcitrix_adc
citrixcitrix_adc_and_citrix_gateway>= 12.1 < 12.1-65.3512.1-65.35
citrixcitrix_adc_and_citrix_gateway>= 12.1-FIPS < 12.1-55.29612.1-55.296
citrixcitrix_adc_and_citrix_gateway>= 12.1-NDcPP < 12.1-55.29612.1-55.296
citrixcitrix_adc_and_citrix_gateway>= 13.0 < 13.0-90.11 13.0-90.11 
citrixcitrix_adc_and_citrix_gateway>= 13.1 < 13.1-45.61 13.1-45.61
citrixcitrix_adc_and_citrix_gateway>= 13.1-FIPS < 13.1-37.150 13.1-37.150
citrixcitrix_gateway
citrixgateway>= 12.1 < 12.1-65.3512.1-65.35
citrixgateway>= 13.0 < 13.0-90.1113.0-90.11
citrixgateway>= 13.1 < 13.1-45.6113.1-45.61
citrixxenserver
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.