CyberSecurity updates
2025-02-22 11:30:27 Pacific

Citrix Releases Security Fix for NetScaler Vulnerability - 1d

A high-severity vulnerability, CVE-2024-12284, affects NetScaler Console and NetScaler Console Agent. An authenticated attacker could exploit this improper privilege management vulnerability to execute commands without authorization, leading to significant security risks. Mitigation involves upgrading to the latest non-vulnerable builds and implementing security best practices, such as configuring external authentication.

Citrix NetScaler Password Spray Attacks Reported - 7d

Citrix has reported ongoing password spraying attacks against its NetScaler products and various platforms. These attacks target user authentication against historical, pre-nFactor endpoints, causing resource exhaustion, excessive logging, management CPU overload, and appliance instability. The attacks are primarily brute-force attempts and represent a significant threat to organizations utilizing these products. Citrix has provided mitigation steps to address these issues, which should be implemented urgently.