Netscaler Vulnerability

by Daniel Poole 0 Comments

Today, Citrix released a security bulletin related to their NetScaler Application Delivery Controller and NetScaler Gateway, detailing a vulnerability that allows an attacker to gain administrative access to the appliance.  Specifically, this vulnerability affects the following product versions:

  • Citrix NetScaler ADC and NetScaler Gateway version 12.0 earlier than build 53.13 (except for build 41.24)
  • Citrix NetScaler ADC and NetScaler Gateway version 11.1 earlier than build 55.13
  • Citrix NetScaler ADC and NetScaler Gateway version 11.0 earlier than build 70.16
  • Citrix NetScaler ADC and NetScaler Gateway version 10.5 earlier than build 66.9
  • Citrix NetScaler ADC and NetScaler Gateway version 10.5e earlier than build 60.7010.e
  • Citrix NetScaler ADC and NetScaler Gateway version 10.1 earlier than build 135.18

Access is Everything
This flaw will affect you in different ways depending on how the management interface of the device is configured and how it’s positioned on the network.  Here’s the breakdown along with what you should do:

  • Internet Connected:  If your management interface is directly accessible via the internet, you have a critical risk.  Although there are currently no known exploits, this level of exposure allows any internet connected threat to exploit the vulnerability.  What to do:  Immediately apply the patch listed below and consider placing it on a private, protected VLAN or protecting it with access controls.
  • Internal Network with Minimal Access Controls:  This configuration will limit your exposure to a malicious insider or to an outsider via an exposed or compromised internal host.  What to do:  If the interface is on the internal network, consider protecting it with Access Control Lists or other controls to limit access, and apply the patch based on your assessment of overall risk.
  • Internal Network on an Isolated Management VLAN:  The ideal configuration.  The flaw still exists, but exposure is very limited and mitigated by the isolation and control provided by the VLAN.  What to do:  You should still upgrade to the version of the Citrix NetScaler ADC or NetScaler Gateway within your standard maintenance window to fix the issue.

To level set, the potential impact of a successful network intrusion, as a result of this vulnerability, includes:

  • Temporary or permanent loss of sensitive or proprietary information
  • Disruption to regular operations
  • Financial losses incurred to restore systems and files
  • Potential harm to your company’s reputation

We’ve Got You Covered
We know the onslaught of security news can be overwhelming, and we tailor our communications to the most relevant and need-to-know information.  If you wish to learn how Agio can help you stay protected against security vulnerabilities, speak to a member of our support team today.