⚠️ CSG is failing to honor its GPL obligations, say critics - The Register
「 Cloud Software Group – the post-merger offspring of Citrix and Tibco – has decided to withdraw the community edition of its JasperReports Server. Now all you can get is the commercial edition, with a 30-day free trial 」
Citrix Hypervisor Security Bulletin for CVE-2023-46838. "An issue has been discovered that affects Citrix Hypervisor 8.2 CU1 LTSR and may allow malicious privileged code in a guest VM to cause the host to crash or become unresponsive." We have released a hotfix (NOTE: NOT A PROPER PATCH) to address this issue.
🔗 https://support.citrix.com/article/CTX587605/citrix-hypervisor-security-bulletin-for-cve202346838
Citrix security advisory contains two zero-days: Two vulnerabilities have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway):
Citrix security advisory "have reports of incidents consistent with session hijacking, and have received credible reports of targeted attacks exploiting" CVE-2023-4966 (NVD 7.5 high/vendor 9.4 critical, disclosed 10 October 2023 by Citrix, reported exploited in the wild as a zero day by Mandiant on 17 October 2023, added to CISA Known Exploited Vulnerabilities Catalog on 18 October 2023). Still no IOC provided. Link: https://www.netscaler.com/blog/news/cve-2023-4966-critical-security-update-now-available-for-netscaler-adc-and-netscaler-gateway/
AssetNote provides a Proof of Concept and technical analysis for CVE-2023-4966 (NVD 7.5 high/vendor 9.4 critical, disclosed 10 October 2023 by Citrix, reported exploited in the wild as a zero day by Mandiant on 17 October 2023, added to CISA Known Exploited Vulnerabilities Catalog on 18 October 2023). Link: https://www.assetnote.io/resources/research/citrix-bleed-leaking-session-tokens-with-cve-2023-4966
#citrix posts a security advisory with a CVSS of 9.4 and then entirely fails to provide adequate resources so that this may be downloaded. My frustration and that of my colleagues knows no bounds.
@governa This article is confusing because it references the old CVE that came out in the summer, and talks about that being exploited, but there is a new one today, with very little information available about it.