CVE-2024-8534 Memory safety vulnerability leading to memory corruption and Denial of Service

🗓️ 12 Nov 2024 18:15:44Reported by CitrixType

Memory safety vulnerability in NetScaler ADC and Gatewa

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerability of the Citrix NetScaler Application Delivery Controller (previously Citrix ADC) and the Citrix NetScaler Gateway (previously Citrix Gateway) access control systems lies in the fact that operations are executed outside of the buffer in memory, allowing attackers to cause service failures.	3 Dec 202400:00	–	bdu_fstec
Circl	CVE-2024-8534	12 Nov 202416:21	–	circl
CISA	Citrix Releases Security Updates for NetScaler and Citrix Session Recording	12 Nov 202412:00	–	cisa
CNNVD	Citrix Systems NetScaler Gateway和NetScaler ADC 缓冲区错误漏洞	12 Nov 202400:00	–	cnnvd
CVE	CVE-2024-8534	12 Nov 202418:15	–	cve
EUVD	EUVD-2024-49549	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Citrix NetScaler ADC and NetScaler Gateway	13 Nov 202415:10	–	ncsc
Tenable Nessus	NetScaler ADC and NetScaler Gateway Multiple Vulnerabilities (CTX691608)	15 Nov 202400:00	–	nessus
NVD	CVE-2024-8534	12 Nov 202419:15	–	nvd
OSV	CVE-2024-8534	12 Nov 202419:15	–	osv

[
  {
    "defaultStatus": "unaffected",
    "product": "NetScaler ADC",
    "vendor": "NetSclaer",
    "versions": [
      {
        "lessThan": "29.72",
        "status": "affected",
        "version": "14.1",
        "versionType": "patch"
      },
      {
        "lessThan": "55.34",
        "status": "affected",
        "version": "13.1",
        "versionType": "patch"
      },
      {
        "lessThan": "37.207",
        "status": "affected",
        "version": "13.1-FIPS",
        "versionType": "patch"
      },
      {
        "lessThan": "55.321",
        "status": "affected",
        "version": "12.1-FIPS",
        "versionType": "patch"
      },
      {
        "lessThan": "55.321",
        "status": "affected",
        "version": "12.1-NDcPP",
        "versionType": "patch"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NetScaler Gateway",
    "vendor": "NetScaler",
    "versions": [
      {
        "lessThan": "29.72",
        "status": "affected",
        "version": "14.1",
        "versionType": "patch"
      },
      {
        "lessThan": "55.34",
        "status": "affected",
        "version": "13.1",
        "versionType": "patch"
      },
      {
        "lessThan": "37.207",
        "status": "affected",
        "version": "13.1-FIPS",
        "versionType": "patch"
      },
      {
        "lessThan": "55.321",
        "status": "affected",
        "version": "12.1-FIPS",
        "versionType": "patch"
      },
      {
        "lessThan": "55.321",
        "status": "affected",
        "version": "12.1-NDcPP",
        "versionType": "patch"
      }
    ]
  }
]

Source	Link
support	www.support.citrix.com/s/article/CTX691608-netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20248534-and-cve20248535

12 Nov 2024 18:15Current

CVSS 48.4

EPSS0.01347

CWE-119