Scheduled maintenance is currently in progress. We will provide updates as necessary.
Posted Jul 24, 2024 - 18:00 CEST
Scheduled
Today, 24th of July 2024, Datacenter Network Team, will continue with the upgrades of NetScaler ADCs starting at 18:00 CET until 20:00 CET and during this time, we expect to have disruptions.
Change Details: Two vulnerabilities have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway).
To avoid an incident, we need to upgrade the Netscaler ADCs to the latest version that was released, as soon as possible.
We expect to have disruptions on the service. In the worst case scenario, downtime may also appear.
CVE ID: CVE-2024-5491 Description: Denial of Service Pre-requisites: ADC or Gateway appliance configured with SNMP (NSIP/SNIP) CWE: CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CVSS: CVSS v4.0 Base Score: 7.1
CVE ID: CVE-2024-5492 Description: Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites Pre-requisites: Requires targeted user to access an attacker-controlled URL while being on a network with access to NSIP CWE: CWE-601: URL Redirection to Untrusted Site ('Open Redirect') CVSS: CVSS v4.0 Base Score: 5.1
Date: 24th of July 2024 Timeline: The change window will be between 18:00 CET and 20:00 CET. Downtime: We expect to have disruptions on the service. In the worst case scenario, downtime may also appear.