What is CVE-2023-4967?

A high-severity Denial of Service vulnerability has been identified in Citrix NetScaler ADC and Gateway. This issue affects various versions and can lead to significant service disruptions. Organizations are advised to prioritize patching.

What is the severity of CVE-2023-4967?

CVE-2023-4967 has a severity rating of HIGH with a CVSS base score of 8.2.

CVE-2023-4967 | High Vulnerability in Citrix NetScaler ADC and Gateway

CVE-2023-4967 is a high-severity Denial of Service vulnerability affecting Citrix NetScaler ADC and Gateway. This vulnerability allows attackers to exploit the system when it is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA Virtual Server. The CVSS score of 8.2 indicates a significant risk to organizations using affected versions.

The urgency for defenders is high due to the potential for service disruption. Given the high availability impact of this vulnerability, organizations should prioritize patching immediately to mitigate risks associated with attacks leveraging this flaw.

Currently, there are no known exploits in the wild, but the availability of the vulnerability and its impact necessitate timely remediation efforts.

Organizations using Citrix NetScaler products must remain vigilant and ensure that they are using up-to-date versions to protect against this vulnerability.

Vulnerability Details

The vulnerability allows for Denial of Service due to misconfigurations in the Citrix NetScaler ADC and Gateway. The CVSS score, derived from its potential impact on availability, is particularly concerning, scoring at 8.2, which reflects a high severity level. The vulnerability was disclosed on October 27, 2023.

The affected components include the NetScaler Application Delivery Controller and NetScaler Gateway across multiple versions. The vulnerability is associated with CWE-119, indicating a common weakness related to improper handling of input.

Technical Analysis

The root cause of this vulnerability stems from inadequate validation or handling of input, leading to the potential for a Denial of Service attack. The attack vector is classified as network-based, with low complexity and no required privileges or user interaction for exploitation.

The impacts of a successful attack would primarily affect the availability of the services provided by the affected NetScaler products, which could lead to significant disruptions for organizations relying on these systems.

Risk & Impact Analysis

The real-world risk associated with CVE-2023-4967 is considerable, particularly for organizations that depend on Citrix NetScaler products for critical operations. If exploited, attackers could cause service outages, impacting business continuity and customer satisfaction.

Given the high impact on availability and the potential for exploitation, organizations should assess their exposure and prioritize remediation efforts based on the CVSS score of 8.2.

With an EPSS score of 0.00439, the likelihood of exploitation is moderate, yet the consequences of a successful attack necessitate a proactive approach to security and patch management.

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The vulnerability affects the following versions of Citrix products:

NetScaler Application Delivery Controller: All versions from 13.0 to 13.0-92.19, 13.1 to 13.1-49.15, and 14.1 to 14.1-8.50.

NetScaler Gateway: All versions from 13.0 to 13.0-92.19, 13.1 to 13.1-49.15, and 14.1 to 14.1-8.50.

Mitigation & Remediation

Organizations should apply the latest patches provided by Citrix for affected products. Specific patch information can be found in the vendor advisory at Citrix support. Additionally, organizations should consider implementing network controls to limit exposure and monitor for unusual activity.

Detection Guidance

To detect potential exploitation attempts, organizations should monitor logs for any unusual traffic patterns or application errors associated with the NetScaler products. Additionally, behavioral anomalies should be investigated thoroughly.

AppSecure Threat Intelligence Insight

CVE-2023-4967 represents a significant threat to organizations utilizing Citrix technology, as the potential for denial of service could disrupt critical services. Security teams should take this opportunity to review their configurations and ensure they are following best practices for security.

For further guidance, organizations may refer to our penetration testing methodology for proactive measures against vulnerabilities.

Moreover, enhancing visibility through continuous monitoring and adopting a vulnerability management program can help identify and mitigate weaknesses before they are exploited.

Finally, consider enhancing your security posture through API security best practices to protect against similar vulnerabilities.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2023-4967: High Vulnerability in Citrix NetScaler ADC and Gateway