{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<ul> <li>Citrix StoreFront versions 2308.x ant\u00e9rieures \u00e0 2308.1</li> <li>Citrix StoreFront versions ant\u00e9rieures \u00e0 2311</li> <li>Citrix StoreFront versions 1912 LSTR ant\u00e9rieures \u00e0 1912 LTSR CU8 hotfix 3.22.8001.2</li> <li>Citrix StoreFront versions 2203 LSTR ant\u00e9rieures \u00e0 2203 LTSR CU4 Update 1</li> <li>Citrix Virtual Apps and Desktops versions ant\u00e9rieures \u00e0 2311</li> <li>Citrix Virtual Apps and Desktops versions 1912 LTSR ant\u00e9rieures \u00e0 1912 LTSR CU8 hotfix 19.12.8100.4</li> <li>Citrix Virtual Apps and Desktops versions 2203 LSTR ant\u00e9rieures \u00e0 2203 LTSR CU4</li> <li>NetScaler ADC et NetScaler Gateway\u202fversions 14.1.x\u202fversions ant\u00e9rieures \u00e0\u202f14.1-12.35</li> <li>NetScaler ADC et NetScaler Gateway\u202fversions 13.1.x\u202fversions ant\u00e9rieures \u00e0\u202f13.1-51.15</li> <li>NetScaler ADC et NetScaler Gateway\u202fversions 13.0.x\u202fversions ant\u00e9rieures \u00e0 13.0-92.21</li> <li>NetScaler ADC versions 13.1.x-FIPS versions ant\u00e9rieures \u00e0 13.1-37.176</li> <li>NetScaler ADC versions 12.1.x-FIPS versions ant\u00e9rieures \u00e0 12.1-55.302</li> <li>NetScaler ADC versions 12.1.x-NDcPP versions ant\u00e9rieures \u00e0 12.1-55.302</li> </ul> <p>L\u2019\u00e9diteur pr\u00e9cise que les produits NetScaler ADC and NetScaler Gateway en versions 12.1 sont en fin de vie (<em>EOL</em>) et ne b\u00e9n\u00e9ficient plus de mises \u00e0 jour de s\u00e9curit\u00e9.</p> ","content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2023-6548","url":"https://www.cve.org/CVERecord?id=CVE-2023-6548"},{"name":"CVE-2023-5914","url":"https://www.cve.org/CVERecord?id=CVE-2023-5914"},{"name":"CVE-2023-6184","url":"https://www.cve.org/CVERecord?id=CVE-2023-6184"},{"name":"CVE-2023-6549","url":"https://www.cve.org/CVERecord?id=CVE-2023-6549"}],"links":[],"reference":"CERTFR-2024-AVI-0039","revisions":[{"description":"Version initiale","revision_date":"2024-01-16T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nCitrix. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une\ninjection de code indirecte \u00e0 distance (XSS).\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Citrix","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Citrix CTX584986 du 16 janvier 2024","url":"https://support.citrix.com/article/CTX584986/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20236548-and-cve20236549"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Citrix CTX583759 du 16 janvier 2024","url":"https://support.citrix.com/article/CTX583759/citrix-storefront-security-bulletin-for-cve20235914"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Citrix CTX583930 du 16 janvier 2024","url":"https://support.citrix.com/article/CTX583930/citrix-session-recording-security-bulletin-for-cve20236184"}]}