@simontsui Good question. It's not that simple :)

I agree with all of your observations. Personally, I like #CVE_2023_4966 the best for readability.

The cvecrowd crawler searches for #CVE20234966, #CVE2023_4966, #CVE_20234966, #CVE_2023_4966 just to not miss anything. However, the thing that makes it complicated is searching for the hashtags used. There are too many CVE numbers to search for all of them regularly.

When searching for #CVE results do not include ANY of the above formats. Ironically, what it does find is #CVE-2023-4966.

In addition to hashtags, I also use full text search. When searching for "CVE" it finds CVE-2023-4966, but not when its written as a hashtag.

So a reliable way to get my crawler to find CVE posts is to use either the word "CVE", perhaps in combination with a CVE ID as described above, or the hashtag #CVE.

#Citrix #CVE20234966, #Citrixbleed #Netscaler anybody? Make sure you have the patches/updates installed. And use the
software from #Greenbone, a customer of Feilner-IT and world market leader in
opensource vulnerability management. (They are the enterprise distribution of
OpenVAS, former Nessus - the old ones will remember - and they come with a
great recommendation from the BSI... there's an special openVAS page. :-)
English:

https://www.greenbone.net/en/blog/critical-vulnerability-in-citrix-netscaler/

German:

https://www.greenbone.net/blog/kritische-sicherheitsluecke-in-citrix-netscaler/

POC for CVE-2023-4966 - Info disclosure in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway).

https://github.com/assetnote/exploits/tree/main/citrix/CVE-2023-4966

Related blog post: https://www.assetnote.io/resources/research/citrix-bleed-leaking-session-tokens-with-cve-2023-4966

#pentesting #redteam #hacking #CVE_2023_4966 #CVE_2023_4966 #CVE20234966

" Urgent Patch Alert: Citrix NetScaler CVE-2023-4966 "

Citrix has issued an urgent warning for admins to patch the NetScaler CVE-2023-4966 vulnerability immediately. This critical flaw, rated 9.4/10 in severity, allows remote exploitation without user interaction. The vulnerability affects NetScaler appliances configured as a Gateway or an AAA virtual server. Although Citrix initially had no evidence of exploitation in the wild, Mandiant disclosed ongoing attacks a week later. Threat actors have been leveraging this zero-day since late August 2023 to hijack authentication sessions, potentially bypassing multifactor authentication. Mandiant also reported instances where the vulnerability was used to infiltrate government and tech corporation infrastructures. Admins are strongly advised to patch and kill all active sessions.

Source: BleepingComputer

Tags: #Citrix #NetScaler #CVE20234966 #CyberSecurity #PatchAlert #ZeroDay #Mandiant #AuthenticationHijack 🛡️🔐🌐

Author: Sergiu Gatlan - :birdsite:​ Twitter

For those with Citrix NetScaler ADC/Gateway you’ll want to patch for CVE-2023-4966 released 10th Oct and actively exploited. Details:

https://www.mandiant.com/resources/blog/remediation-netscaler-adc-gateway-cve-2023-4966

#CVE20234966

"🚨 Critical Flaws in Citrix NetScaler Expose Data & Enable DoS Attacks 🚨"

Citrix NetScaler has been hit with two critical vulnerabilities, CVE-2023-4966 and CVE-2023-4967, exposing sensitive data and enabling DoS attacks. The former, with a CVSS score of 9.4, allows remote exploitation without high-level access, while the latter, scoring 8.2, enables a Denial of Service attack on vulnerable devices. Citrix has rolled out security upgrades, urging customers to update to safeguard their systems. 🛡️🌐

CVE-2023-4966: This one's pretty severe and could allow unauthorized access to sensitive data without needing high-level access or user involvement.
CVE-2023-4967: Another biggie, this could enable a ‘Denial of Service attack’, basically shutting down our systems.

Source: GBHackers by Divya

Tags: #Citrix #NetScaler #Vulnerability #CyberSecurity #DataExposure #DoSAttack #CVE20234966 #CVE20234967 #CyberAttack #InfoSec

🔗 MITRE CVE-2023-4966
🔗 MITRE CVE-2023-4967