https://community.appian.com/support/w/kb/3210/kb-2255-information-about-the-citrix-netscaler-adc-security-advisory-cve-2023-3466-cve-2023-3467-cve-2023-3519en-USTelligent Community 12https://community.appian.com/support/w/kb/3210/kb-2255-information-about-the-citrix-netscaler-adc-security-advisory-cve-2023-3466-cve-2023-3467-cve-2023-3519Tue, 25 Jul 2023 16:54:45 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:75e52e9d-6d1f-49ea-94c2-d262820049d2Elly Menghttps://community.appian.com/support/w/kb/3210/kb-2255-information-about-the-citrix-netscaler-adc-security-advisory-cve-2023-3466-cve-2023-3467-cve-2023-3519#commentsCurrent Revision posted to Appian Knowledge Base by Elly Meng on 7/25/2023 4:54:45 PM<br /> <p><span style="font-weight:400;">On 18-July-2023, Citrix released a </span><a href="https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467"><span style="font-weight:400;">Critical security bulletin</span></a><span style="font-weight:400;"> for all organizations using the Citrix NetScaler ADC software.</span></p> <p><span style="font-weight:400;">Upon assessing the Appian platform against all details of the CVE, we can confirm that the Appian platform is not impacted by the vulnerability described in the Citrix security advisory. We will continue to monitor the situation and provide any updates as appropriate.</span></p> <h2><span style="font-weight:400;">Additional Notes:</span></h2> <p><span style="font-weight:400;">The following CVEs were released with additional information on the scope of the vulnerability:</span></p> <p><a href="https://nvd.nist.gov/vuln/detail/CVE-2023-3466"><span style="font-weight:400;">CVE-2023-3466</span></a><span style="font-weight:400;"> (&ldquo;Reflected Cross-Site Scripting (XSS)&rdquo;)</span><span style="font-weight:400;"><br /></span><a href="https://nvd.nist.gov/vuln/detail/CVE-2023-3467"><span style="font-weight:400;">CVE-2023-3467</span></a><span style="font-weight:400;"> (&ldquo;Privilege Escalation to root administrator (nsroot)&rdquo;)</span><span style="font-weight:400;"><br /></span><a href="https://nvd.nist.gov/vuln/detail/CVE-2023-3519"><span style="font-weight:400;">CVE-2023-3519</span></a><span style="font-weight:400;"> (&ldquo;Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability&rdquo;)</span></p> <h2><span style="font-weight:400;">Supporting Documentation:</span></h2> <ul> <li style="font-weight:400;"><a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-201a"><span style="font-weight:400;">https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-201a</span></a></li> <li style="font-weight:400;"><a href="https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467"><span style="font-weight:400;">https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467</span></a><span style="font-weight:400;">&nbsp;</span></li> </ul> <h2><span style="font-weight:400;">Affected Versions</span></h2> <p><span style="font-weight:400;">This article applies to all supported versions of Appian.</span></p> <p><span style="font-weight:400;">Last reviewed: July 25, 2023</span></p><div style="clear:both;"></div> <div style="font-size: 90%;">Tags: Security</div> https://community.appian.com/support/w/kb/3210/kb-2255-information-about-the-citrix-netscaler-adc-security-advisory-cve-2023-3466-cve-2023-3467-cve-2023-3519/revision/1Tue, 25 Jul 2023 16:54:15 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:75e52e9d-6d1f-49ea-94c2-d262820049d2Elly Menghttps://community.appian.com/support/w/kb/3210/kb-2255-information-about-the-citrix-netscaler-adc-security-advisory-cve-2023-3466-cve-2023-3467-cve-2023-3519#commentsRevision 1 posted to Appian Knowledge Base by Elly Meng on 7/25/2023 4:54:15 PM<br /> <p><span style="font-weight:400;">On 18-July-2023, Citrix released a </span><a href="https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467"><span style="font-weight:400;">Critical security bulletin</span></a><span style="font-weight:400;"> for all organizations using the Citrix NetScaler ADC software.</span></p> <p><span style="font-weight:400;">Upon assessing the Appian platform against all details of the CVE, we can confirm that the Appian platform is not impacted by the vulnerability described in the Citrix security advisory. We will continue to monitor the situation and provide any updates as appropriate.</span></p> <h2><span style="font-weight:400;">Additional Notes:</span></h2> <p><span style="font-weight:400;">The following CVEs were released with additional information on the scope of the vulnerability:</span></p> <p><a href="https://nvd.nist.gov/vuln/detail/CVE-2023-3466"><span style="font-weight:400;">CVE-2023-3466</span></a><span style="font-weight:400;"> (&ldquo;Reflected Cross-Site Scripting (XSS)&rdquo;)</span><span style="font-weight:400;"><br /></span><a href="https://nvd.nist.gov/vuln/detail/CVE-2023-3467"><span style="font-weight:400;">CVE-2023-3467</span></a><span style="font-weight:400;"> (&ldquo;Privilege Escalation to root administrator (nsroot)&rdquo;)</span><span style="font-weight:400;"><br /></span><a href="https://nvd.nist.gov/vuln/detail/CVE-2023-3519"><span style="font-weight:400;">CVE-2023-3519</span></a><span style="font-weight:400;"> (&ldquo;Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability&rdquo;)</span></p> <h2><span style="font-weight:400;">Supporting Documentation:</span></h2> <ul> <li style="font-weight:400;"><a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-201a"><span style="font-weight:400;">https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-201a</span></a></li> <li style="font-weight:400;"><a href="https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467"><span style="font-weight:400;">https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467</span></a><span style="font-weight:400;">&nbsp;</span></li> </ul> <h2><span style="font-weight:400;">Affected Versions</span></h2> <p><span style="font-weight:400;">This article applies to all supported versions of Appian.</span></p> <p><span style="font-weight:400;">Last reviewed: July 25, 2023</span></p><div style="clear:both;"></div>