Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Just when you thought you had recovered from Bleed
Two vulnerabilities in NetScaler's ADC and Gateway products have been fixed – but not before criminals found and exploited them, according to the vendor. CVE-2023-6548 could allow remote code execution (RCE) in the appliances' management interface. It received a 5.5 CVSS rating, which is low for an RCE bug. One reason for this may be because it does require the attacker to be authenticated, albeit with low-level privileges, and they must have access to NetScaler IP (NSIP), Subnet IP (SNIP), or...