help.bitsighttech.com
104.16.53.111  Public Scan

Submitted URL: https://files.bitsight.com/e3t/Ctc/LR+113/c1NcF04/VWhKd192BzsyW7XxZj65W1GqTW6WXg81519CxBN5GS5Rt5nCT_V3Zsc37CgHrqW34KW8T8q44...
Effective URL: https://help.bitsighttech.com/hc/en-us/articles/16139912561559-NetScaler-ADC-NetScaler-Gateway-RCE-CVE-2023-3519-?utm_campaign...
Submission: On July 20 via api from US — Scanned from DE

Text Content


NETSCALER ADC & NETSCALER GATEWAY RCE [CVE-2023-3519]

Ingrid
Publication Date – July 19, 2023

CVE-2023-3519 is a remote code execution (RCE) vulnerability in several versions
of NetScaler ADC (Citrix ADC) and NetScaler Gateway (Citrix Gateway). It allows
remote, unauthenticated attackers to directly gain control of, and execute
arbitrary code on, a vulnerable device/server. This vulnerability is rated as
critical.

Appliances configured as a Gateway (e.g. VPN, ICA Proxy, CVP, RDP Proxy) or an
AAA virtual server are vulnerable.

 * What To Do
 * Frequently Asked Questions
 * Resources


WHAT TO DO

If your organization is using an affected version of Citrix NetScaler, patch
immediately.

To identify third parties who may be exposed to this vulnerability:

 * See the Companies List page to identify which monitored companies show
   evidence of using Citrix NetScaler.
 * Select Citrix NetScaler & Citrix NetScaler Access Gateway: Apply Filters
 * You can also refer to CVE-2019-19781, which can be used as a rough proxy
   given its impact on the same product family: Apply Filters

These search mechanisms are likely to return different results, as the former is
identifying use of the NetScaler product, while the latter is looking for
instances of NetScaler with a specific, older vulnerability.


FREQUENTLY ASKED QUESTIONS

 * Is Bitsight impacted?
 * Is there a specific set of the filters to use?
 * Will this affect my rating?
 * Why is CVE-2023-3519 not in the platform?


IS BITSIGHT IMPACTED?

Bitsight is not impacted by this vulnerability and does not utilize these
products.


IS THERE A SPECIFIC SET OF THE FILTERS TO USE?

We recommend selecting all NetScaler products from the Open Ports, Software, and
Products filter sections.

Selecting all products within a filter section results in an implicit OR and may
cause you to unintentionally exclude results, while selecting products across
filter sections results in an AND.


WILL THIS AFFECT MY RATING?

Our research effort for this CVE is still in progress. Detected exposure will
only impact the rating if we have `confirmed exposure` from our vulnerability
evidence.


WHY IS CVE-2023-3519 NOT IN THE PLATFORM?

Security Research is currently looking into support for this vulnerability. We
can expect updates in the coming days. See the current cybersecurity news.


RESOURCES

 * Citrix ADC and Citrix Gateway Security Bulletin for CVE-2023-3519,
   CVE-2023-3466, CVE-2023-3467
 * Citrix Releases Security Updates for NetScaler ADC and Gateway | CISA
 * CVE-2023-3519: Critical RCE in NetScaler ADC (Citrix ADC) and NetScaler
   Gateway (Citrix Gateway) - Blog | Tenable®
 * Critical and High Vulnerabilities in Citrix ADC and Citrix Gateway
   (CVE-2023-3519, CVE-2023-3466, CVE-2023-3467)


Contents © 2023 Bitsight Technologies