#VU9683 Information disclosure in Citrix NetScaler - CVE-2017-17549

Cybersecurity Help s.r.o.

Published: 2017-12-19

Vulnerability identifier: #VU9683

Vulnerability risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-17549

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Citrix NetScaler
Server applications / Remote management servers, RDP, SSH

Vendor: Citrix

Description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists on systems using TLS with client certificates enabled and Diffie-Hellman Ephemeral (DHE) key exchange due to unspecified error. A remote attacker can obtain cleartext traffic from the backend client TLS handshake.

Mitigation
Update to version 10.5 build 67.13, 11.0 build 71.22, 11.1 build 56.19, 12.0 build 53.22 or later.

Vulnerable software versions

Citrix NetScaler: 10.5 Build 50.10 - 12.0 Build 53.13

External links
https://support.citrix.com/article/CTX230612

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Information disclosure in Citrix NetScaler