Skip to main content

Citrix Products Multiple Vulnerabilities

Release Date: 19 Jul 2023 4241 Views

RISK: Extremely High Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

Multiple vulnerabilities were identified in Citrix Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, remote code execution and cross-site scripting on the targeted system.



According to Citrix, exploits of CVE-2023-3519 on unmitigated appliances have been observed.


  • Remote Code Execution
  • Elevation of Privilege
  • Cross-Site Scripting

System / Technologies affected

  • NetScaler ADC and NetScaler Gateway 13.1 before 13.1-49.13
  • NetScaler ADC and NetScaler Gateway 13.0 before 13.0-91.13
  • NetScaler ADC 13.1-FIPS before 13.1-37.159
  • NetScaler ADC 12.1-FIPS before 12.1-55.297
  • NetScaler ADC 12.1-NDcPP before 12.1-55.297

Note: NetScaler ADC and NetScaler Gateway version 12.1 is now End Of Life (EOL) and is vulnerable.


Before installation of the software, please visit the software vendor web-site for more details.


  • The vendor has issued a fix:
    NetScaler ADC and NetScaler Gateway 13.1-49.13 and later releases
    NetScaler ADC and NetScaler Gateway 13.0-91.13 and later releases of 13.0
    NetScaler ADC 13.1-FIPS 13.1-37.159 and later releases of 13.1-FIPS 
    NetScaler ADC 12.1-FIPS 12.1-55.297 and later releases of 12.1-FIPS
    NetScaler ADC 12.1-NDcPP 12.1-55.297 and later releases of 12.1-NDcPP

For details:

Vulnerability Identifier


Related Link