CVE-2018-18517 - Cross-Site Scripting Vulnerability in Citrix NetScaler

2018-10-23T04:00:00
ID CTX239002
Type citrix
Reporter Citrix
Modified 2019-08-15T04:00:00

Description

<section class="article-content" data-swapid="ArticleContent"> <div class="content-block" data-swapid="ContentBlock"><div> <div> <!--googleoff: all--> <h2 id="DescriptionofProblem"> Description of Problem</h2> <!--googleon: all--> <div> <div> <div> <p>A Cross-Site Scripting (XSS) vulnerability has been identified in Citrix NetScaler Gateway, formerly known as Citrix Access Gateway Enterprise Edition and Citrix ADC formerly known as NetScaler ADC, that if exploited by an attacker with access to the NetScaler administrative user interface including the management interface, could potentially be used to execute malicious client-side script in the same context as legitimate content from the web server; if this vulnerability is used to execute script in the browser of an authenticated user then the script may be able to gain access to the authenticated user's session or other potentially sensitive information.</p> <p>This vulnerability has been assigned the following CVE number:</p> <p>• CVE-2018-18517: Cross-Site Scripting vulnerability in Citrix NetScaler Gateway</p> <p>This vulnerability is present in the following versions of Citrix NetScaler Gateway and Citrix ADC:</p> <p>10.5.x earlier than version 10.5.69.3</p> <p>11.1.x earlier than version 11.1.59.10</p> <p>12.0.x earlier than version 12.0.58.18</p> <p>12.1.x earlier than version 12.1.49.23</p> </div> </div> </div> <!--googleoff: all--> <hr/> </div> <div> <!--googleoff: all--> <h2 id="WhatCustomersShouldDo"> What Customers Should Do</h2> <!--googleon: all--> <div> <div> <div> <p>This vulnerability has been addressed in new versions of the Citrix NetScaler Gateway and Citrix ADC software. Citrix recommends that customers upgrade their Citrix NetScaler Gateway and Citric ADC appliances to one of the following versions:</p> <p>10.5.69.3 and later</p> <p>11.1.59.10 and later</p> <p>12.0.58.18 and later</p> <p>12.1.49.23 and later</p> <p> </p> <p>These upgrades can be obtained from the Citrix website at the following location:</p> <p>Citrix NetScaler Gateway:</p> <p> <a href="https://www.citrix.com/downloads/citrix-gateway/product-software.html">https://www.citrix.com/downloads/citrix-gateway/product-software.html</a></p> <p>Citrix ADC:</p> <p> <a href="https://www.citrix.com/downloads/citrix-adc/">https://www.citrix.com/downloads/citrix-adc/</a></p> <p>Please note that a MyCitrix account is required to access this location.</p> </div> </div> </div> <!--googleoff: all--> <hr/> </div> <div> <!--googleoff: all--> <h2 id="MitigatingFactors"> Mitigating Factors</h2> <!--googleon: all--> <div> <div> <div> <p>In order to exploit this vulnerability, an attacker would require access to the management interface of the NetScaler. In situations where customers have deployed their NetScaler Gateway appliances in line with industry best practice, network access to this interface should already be restricted.<br/> </p> </div> </div> </div> <!--googleoff: all--> <hr/> </div> <div> <!--googleoff: all--> <h2 id="Acknowledgements"> Acknowledgements</h2> <!--googleon: all--> <div> <div> <div> <p>Citrix thanks Davide Peruzzi of <a href="https://gosecure.it">gosecure.it</a> for working with us on CVE-2018-18517 to protect Citrix customers.</p> </div> </div> </div> <!--googleoff: all--> <hr/> </div> <div> <!--googleoff: all--> <h2 id="WhatCitrixIsDoing"> What Citrix Is Doing</h2> <!--googleon: all--> <div> <div> <div> <div> <div> <p>Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at <u> <a href="http://support.citrix.com/">http://support.citrix.com/</a></u>.</p> </div> </div> </div> </div> </div> <!--googleoff: all--> <hr/> </div> <div> <!--googleoff: all--> <h2 id="ObtainingSupportonThisIssue"> Obtaining Support on This Issue</h2> <!--googleon: all--> <div> <div> <div> <div> <div> <p>If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at <u> <a href="https://www.citrix.com/support/open-a-support-case.html">https://www.citrix.com/support/open-a-support-case.html</a></u>. </p> </div> </div> </div> </div> </div> <!--googleoff: all--> <hr/> </div> <div> <!--googleoff: all--> <h2 id="ReportingSecurityVulnerabilities"> Reporting Security Vulnerabilities</h2> <!--googleon: all--> <div> <div> <div> <div> <div> <p>Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 – <a href="http://support.citrix.com/article/CTX081743">Reporting Security Issues to Citrix</a></p> </div> </div> </div> </div> </div> <!--googleoff: all--> <hr/> </div> <div> <!--googleoff: all--> <h2 id="Changelog"> Changelog</h2> <!--googleon: all--> <div> <div> <div> <table border="1" cellpadding="1" cellspacing="0" width="100%"> <tbody> <tr> <td>Date </td> <td>Change</td> </tr> <tr> <td>October 23rd 2018</td> <td>Initial bulletin published</td> </tr> <tr> <td>October 25th 2018</td> <td>Updated description and version numbering</td> </tr> <tr> <td>November 5th 2018</td> <td>Updated description to include Citrix ADC</td> </tr> <tr> <td>November 15th 2018</td> <td>Updated applicable products</td> </tr> </tbody> </table> </div> </div> </div> <!--googleoff: all--> <hr/> </div> </div></div> </section>