CVE-2023-24487

Summary

Arbitrary file read in Citrix ADC and Citrix Gateway 

Affected Software

VendorProductVersion RangeStatus
CitrixCitrix ADC and Citrix Gateway 13.1 < 13.1-45.61affected
CitrixCitrix ADC and Citrix Gateway 13.0 < 13.0-90.11 affected
CitrixCitrix ADC and Citrix Gateway 12.1 < 12.1-65.35affected
CitrixCitrix ADC and Citrix Gateway 12.1-FIPS < 12.1-55.296affected
CitrixCitrix ADC and Citrix Gateway 13.1-FIPS < 13.1-37.150affected
CitrixCitrix ADC and Citrix Gateway 12.1-NDcPP < 12.1-55.296affected

Weaknesses

  • CWE-253: CWE-253: Incorrect Check of Function Return Value

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References