CVE-2023-3467 — Improper Privilege Management in Citrix Netscaler ADC

CWE-269 — Improper Privilege Management CWE-20 — Improper Input Validation CWE-94 — Code Injection18 documents11 sources

Severity

8.0HIGHNVD

EPSS

0.4%

top 39.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Citrix Netscaler ADC Citrix Netscaler Gateway Citrix Netscaler Application Delivery Controller +3 more

Timeline

PublishedJul 19

Latest updateFeb 26

Description

Privilege Escalation to root administrator (nsroot)

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.1 | Impact: 5.9

Affected Packages9 packages

▶CVEListV5citrix/netscaler_adc13.1 — 49.13+4

▶CVEListV5citrix/netscaler_gateway13.1 — 49.13+1

▶NVDcitrix/netscaler_gateway13.0 — 13.0-91.13+1

▶NVDcitrix/netscaler_application_delivery_controller12.1 — 12.1-55.297+4

▶citrixcitrix/xenserver

🔴Vulnerability Details

GHSA

GHSA-rq56-q73v-5g57: Privilege Escalation to root administrator (nsroot)↗2023-07-19

▶

VulnCheck

Citrix ADC and Citrix Gateway Root Administrator (nsroot) Privilege Escalation↗2023

▶

📋Vendor Advisories

Citrix

Citrix ADC and Citrix Gateway Security Bulletin for CVE-2023-3519, CVE-2023-3466, CVE-2023-3467↗2023-07-18

▶

🕵️Threat Intelligence

Greynoiseio

GreyNoise Detects Active Exploitation of CVEs Mentioned in Black Basta’s Leaked Chat Logs↗2025-02-26

▶

Qualys

Defense Lessons From the Black Basta Ransomware Playbook↗2025-02-25

▶

Qualys

Defense Lessons From the Black Basta Ransomware Playbook | Qualys↗2025-02-25

▶

Trendmicro

Spot the Difference: Earth Kasha's New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella↗2024-11-19

▶

Trendmicro

Spot the Difference: Earth Kasha's New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella↗2024-11-19

▶