On 18-July-2023, Citrix released a Critical security bulletin for all organizations using the Citrix NetScaler ADC software.
Upon assessing the Appian platform against all details of the CVE, we can confirm that the Appian platform is not impacted by the vulnerability described in the Citrix security advisory. We will continue to monitor the situation and provide any updates as appropriate.
The following CVEs were released with additional information on the scope of the vulnerability:
CVE-2023-3466 (“Reflected Cross-Site Scripting (XSS)”)CVE-2023-3467 (“Privilege Escalation to root administrator (nsroot)”)CVE-2023-3519 (“Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability”)
This article applies to all supported versions of Appian.
Last reviewed: July 25, 2023