CVE-2023-4966
CRITICALSensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
Published: 10/10/2023Modified: 6/17/2026
References (5)
http://packetstormsecurity.com/files/175323/Citrix-Bleed-Session-Token-Leakage-Proof-Of-Concept.htmlThird Party AdvisoryVDB Entryhttps://support.citrix.com/article/CTX579459Vendor Advisoryhttp://packetstormsecurity.com/files/175323/Citrix-Bleed-Session-Token-Leakage-Proof-Of-Concept.htmlThird Party AdvisoryVDB Entryhttps://support.citrix.com/article/CTX579459Vendor Advisoryhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4966US Government Resource