Citrix has published security bulletins for NetScaler and Citrix Session Recording

Citrix has published security bulletins for NetScaler and Citrix Session Recording

Samana Group LLC Samana Group LLC

Samana Group LLC

Samana Group provides virtual workspaces, and services for virtual environments.

发布日期: 2024年11月12日
+ 关注

Citrix has updated security bulletins for CVE-2024-8534, CVE-2024-8535,?CVE-2024-8068 and CVE-2024-8069:

  • CVE-2024-8534:? A memory safety vulnerability in NetScaler ADC and NetScaler Gateway with RDP Feature enabled and configured as Gateway (VPN Vserver) or?Auth Server (AAA Vserver) would allow an attacker to cause?memory corruption and Denial of Service.
  • CVE-2024-8535:? A vulnerability in NetScaler ADC and NetScaler Gateway with?configurations for Kerberos SSO and set up as Gateway (VPN Vserver) or?Auth Server (AAA Vserver) would allow an authenticated user to access?unintended user capabilities.
  • CVE-2024-8068: A vulnerability in Citrix Session Recording would allow an authenticated user in the same Windows Active Directory domain as the session recording server domain to perform privilege escalation to NetworkService Account access.?
  • CVE-2024-8069:? A vulnerability in Citrix Session Recording would allow an authenticated user on the same intranet as the session recording server to perform limited remote code execution with the privilege of a NetworkService Account access.

We recommend that that you review the Citrix Security Bulletins to determine whether your devices are vulnerable and follow the recommendations.

要查看或添加评论,请登录

Samana Group LLC的更多文章

社区洞察

其他会员也浏览了