Home
Mapping Frameworks
Known Exploited Vulnerabilities Home
Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability

Known Exploited Vulnerabilities CVE-2023-4966

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA  virtual server.

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name	Notes
CVE-2023-4966	Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability	secondary_impact	T1134.001	Token Impersonation/Theft	Comments This is a buffer overflow vulnerability that results in unauthorized disclosure of memory, including session tokens. References https://www.assetnote.io/resources/research/citrix-bleed-leaking-session-tokens-with-cve-2023-4966 https://www.cisa.gov/guidance-addressing-citrix-netscaler-adc-and-gateway-vulnerability-cve-2023-4966-citrix-bleed
CVE-2023-4966	Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability	primary_impact	T1005	Data from Local System	Comments This is a buffer overflow vulnerability that results in unauthorized disclosure of memory, including session tokens. References https://www.assetnote.io/resources/research/citrix-bleed-leaking-session-tokens-with-cve-2023-4966 https://www.cisa.gov/guidance-addressing-citrix-netscaler-adc-and-gateway-vulnerability-cve-2023-4966-citrix-bleed
CVE-2023-4966	Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability	exploitation_technique	T1574	Hijack Execution Flow	Comments This is a buffer overflow vulnerability that results in unauthorized disclosure of memory, including session tokens. References https://www.assetnote.io/resources/research/citrix-bleed-leaking-session-tokens-with-cve-2023-4966 https://www.cisa.gov/guidance-addressing-citrix-netscaler-adc-and-gateway-vulnerability-cve-2023-4966-citrix-bleed