CVE-2023-4966
A buffer overflow in Citrix NetScaler ADC and Gateway that leaks session tokens (CitrixBleed). It allows capturing active sessions.
Vulnerability Profile
CVSS Score: 9.4 / 10.0
Severity: Critical
Exploitation Status: ⚠ Active Exploitation
Patch Status: ✓ Patch Available
Affected Software: Citrix NetScaler ADC and Gateway
Exploitation Method: Buffer Overflow / Session Hijack
MITRE ATT&CK: T1550 - Use Alternate Authentication Material
CVE-2023-4966 (CitrixBleed) is a session token leak caused by a buffer overflow in Citrix NetScaler ADC/Gateway. It allows existing sessions to be taken over without authentication. It has been actively used by LockBit, Medusa and many other ransomware groups.