Frequently Asked Questions for CitrixBleed (CVE-2023-4966)


</p> <p><strong>Frequently asked questions relating to a critical vulnerability in Citrix NetScaler that has been under active exploitation for over a month, including by ransomware groups.</strong></p> <h2>Background</h2> <p>The Tenable Security Response Team has put together this blog to answer frequently asked questions (FAQ) regarding a critical vulnerability known as CitrixBleed.</p> <h2>FAQ</h2> <p><strong>What is CitrixBleed?</strong></p> <p>CitrixBleed (or “Citrix Bleed”) is a name given to a critical vulnerability in Citrix NetScaler ADC and Gateway. Researchers at Assetnote are credited with naming this vulnerability. A logo for CitrixBleed was created by security researcher Kevin Beaumont.</p> <p><strong>When was this vulnerability first disclosed?</strong></p> <p>On October 10, Citrix published its security bulletin, identified as <a href="https://support.citrix.com/article/CTX579459/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20234966-and-cve20234967"><u>CTX579459</u></a>, detailing this vulnerability along with a separate flaw.</p> <p><strong>What are the CVE details for the vulnerabilities patched on October 10?</strong></p> <p>As part of CTX579459, Citrix patched two vulnerabilities, CVE-2023-4966, also known as CitrixBleed, along with a denial of service (DoS) vulnerability:</p> <div class="table-responsive"> <table class="table"> <thead> <tr> <th style="width:150px;"><strong>CVE</strong></th> <th><strong>Description</strong></th> <th><strong>CVSSv3</strong></th> <th><strong>Severity</strong></th> </tr> </thead> <tbody> <tr> <td><a href="https://www.tenable.com/cve/CVE-2023-4966"><u>CVE-2023-4966</u></a></td> <td>Citrix NetScaler ADC and Gateway Sensitive Information Disclosure Vulnerability (“CitrixBleed”)</td> <td>9.4</td> <td>Critical</td> </tr> <tr> <td><a href="https://www.tenable.com/cve/CVE-2023-4967"><u>CVE-2023-4967</u></a></td> <td>Citrix NetScaler ADC and Gateway DoS Vulnerability</td> <td>8.2</td> <td>High</td> </tr>
</tbody> </table> </div> <p>We <a href="https://www.tenable.com/blog/cve-2023-4966-citrix-netscaler-adc-and-netscaler-gateway-information-disclosure-exploited-in"><u>published a blog post</u></a> for both vulnerabilities on October 18.</p> <p><strong>What makes CitrixBleed so severe?</strong></p> <p>CitrixBleed is extremely simple to exploit and the consequences of exploitation make this vulnerability severe. An unauthenticated, remote attacker could exploit this vulnerability by sending a specially crafted request to a vulnerable endpoint on a NetScaler ADC or Gateway instance.</p> <p>By exploiting CitrixBleed, an attacker could obtain valid session tokens from the vulnerable device’s memory. With valid session tokens in hand, an attacker can replay them to bypass authentication.</p> <p><strong>Was this exploited as a zero-day?</strong></p> <p>Yes, according to <a href="https://www.mandiant.com/resources/blog/remediation-netscaler-adc-gateway-cve-2023-4966"><u>researchers at Mandiant</u></a>, they were able to find evidence of zero-day exploitation back in August.</p> <p><strong>Has in-the-wild exploitation been observed since this vulnerability became public?</strong></p> <p>Yes, <a href="https://www.netscaler.com/blog/news/cve-2023-4966-critical-security-update-now-available-for-netscaler-adc-and-netscaler-gateway/"><u>Citrix</u></a>, our partners at <a href="https://www.greynoise.io/blog/cve-2023-4966-helps-usher-in-a-bakers-dozen-of-citrix-tags-to-further-help-organizations-mitigate-harm"><u>GreyNoise</u></a> and <a href="https://doublepulsar.com/mass-exploitation-of-citrixbleed-vulnerability-including-a-ransomware-group-1405cbb9de18"><u>Kevin Beaumont</u></a> have all observed in-the-wild exploitation of this vulnerability since at least October 23.</p> <p><strong>Which threat actors are exploiting CitrixBleed?</strong></p> <p>As of November 20, there are multiple threat actors exploiting CitrixBleed:</p> <p>This is not an exhaustive 
list and specific details about the uncategorized groups are not yet known.</p> <p><strong>Who are LockBit 3.0 and Medusa and what are their motivations?</strong></p> <p><a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-165a"><u>LockBit 3.0</u></a> and Medusa are two active ransomware groups that have been observed exploiting CitrixBleed as part of attacks against organizations.</p> <p>Typically, ransomware groups conduct what is known as double extortion, whereby they encrypt files on systems within a network while simultaneously stealing sensitive information from these networks and threatening to leak this stolen data on the dark web if a ransom demand is not paid.</p> <p>Double extortion attacks are what have fueled the success of ransomware over the years. However, over the last year, ransomware groups have been choosing to bypass the encryption stage of their attacks, focusing solely on exfiltration and threatening to publish the stolen information. Ultimately, the motivation of these attackers is not to disrupt operations, but instead to profit from these attacks.</p> <p><strong>Are the ransomware groups themselves launching these attacks?</strong></p> <p>No, the groups themselves are often not the ones behind the attacks. They are responsible for developing and providing the ransomware and infrastructure to individuals known as affiliates. Affiliates partner with ransomware groups to conduct the attacks, steal sensitive information and distribute the ransomware payloads within a network. 
For their efforts, affiliates receive a large portion of the ransomware payout.</p> <p>For more information about affiliates and ransomware groups, please check out our report on <a href="https://www.tenable.com/cyber-exposure/a-look-inside-the-ransomware-ecosystem"><u>The Ransomware Ecosystem</u></a>.</p> <p><strong>Are there any specific industries being targeted by this vulnerability?</strong></p> <p><a href="https://www.mandiant.com/resources/blog/session-hijacking-citrix-cve-2023-4966"><u>Public</u></a> <a href="https://cyberplace.social/@GossiTheDog/111391980023423612"><u>reporting</u></a> suggests that this vulnerability is currently being used to target organizations across multiple industries across the world including finance, government organizations, technology, professional services, legal, freight and defense.</p> <p><strong>Do we know how many vulnerable NetScaler ADC and Gateway instances there are?</strong></p> <p>There have been two different reports highlighting vulnerable NetScaler ADC and Gateway instances accessible on the internet. 
BleepingComputer <a href="https://www.bleepingcomputer.com/news/security/lockbit-ransomware-exploits-citrix-bleed-in-attacks-10k-servers-exposed/"><u>cited</u></a> a security researcher named <a href="https://twitter.com/nekono_naha"><u>Yutaka Sejiyama</u></a>, who says there were 10,400 Citrix servers vulnerable to CitrixBleed as of November 14 while Kevin Beaumont <a href="https://cyberplace.social/@GossiTheDog/111369708572067512"><u>said</u></a> that there are around 5,000 unpatched servers online as of November 7.</p> <p><strong>Is there a proof-of-concept (PoC) available for this vulnerability?</strong></p> <p>Yes, researchers at Assetnote <a href="https://github.com/assetnote/exploits/commits/main/citrix/CVE-2023-4966"><u>published a PoC</u></a> for this vulnerability on October 23.</p> <p><strong>Are patches available for CitrixBleed?</strong></p> <p>Yes, Citrix released patches for the following NetScaler ADC and Gateway versions:</p> <div class="table-responsive"> <table class="table"> <thead> <tr> <th><strong>Affected Product</strong></th> <th><strong>Affected Version</strong></th> <th><strong>Fixed Version</strong></th> </tr> </thead> <tbody> <tr> <td rowspan="3">NetScaler ADC and NetScaler Gateway</td> <td>Prior to 13.0-92.19</td> <td>13.0-92.19 and later releases of 13.0</td> </tr> <tr> <td>Prior to 13.1-49.15</td> <td>13.1-49.15 and later releases of 13.1</td> </tr> <tr> <td>Prior to 14.1-8.50</td> <td>14.1-8.50 and later releases</td> </tr> <tr> <td>NetScaler ADC 12.1-NDcPP</td> <td>Prior to 12.1-55.300</td> <td>12.1-55.300 and later releases of 12.1-NDcPP</td> </tr> <tr> <td>NetScaler ADC 12.1-FIPS</td> <td>Prior to 12.1-55.300</td> <td>12.1-55.300 and later releases of 12.1-FIPS</td> </tr> <tr> <td>NetScaler ADC 13.1-FIPS</td> <td>Prior to 13.1-37.164</td> <td>13.1-37.164 and later releases of 13.1-FIPS</td> </tr> </tbody> </table> </div> <p>Version 12.1 of NetScaler ADC and Gateway is end of life (EOL) and will not receive security updates. 
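</p> <p>The fixed-version table above can be turned into an inventory check. The following is an added example, not code from Tenable or Citrix: it compares build strings numerically against the table and flags end-of-life releases. The version-banner format, the edition labels, the sample host names and all function names are assumptions of the example.</p>

```python
"""Triage NetScaler build strings against the fixed versions in CTX579459."""
import re
from typing import NamedTuple

# Fixed builds, copied from the "Fixed Version" column of the table above.
# Key: (release train, edition); value: (major build, minor build).
FIXED_BUILDS = {
    ("14.1", "standard"): (8, 50),
    ("13.1", "standard"): (49, 15),
    ("13.0", "standard"): (92, 19),
    ("13.1", "FIPS"): (37, 164),
    ("12.1", "FIPS"): (55, 300),
    ("12.1", "NDcPP"): (55, 300),
}

# The page states that version 12.1 is end of life and gets no security
# updates; the FIPS and NDcPP editions of 12.1 are listed separately above.
EOL_TRAINS = {("12.1", "standard")}

# Accepts the page's notation ("13.1-49.15") and a banner of the form
# "NS13.1: Build 49.15.nc" (the banner format is an assumption of this example).
BUILD_RE = re.compile(
    r"(?:NS)?(\d+\.\d+)\s*(?:-|:\s*Build\s+)(\d+)\.(\d+)", re.IGNORECASE
)


class Finding(NamedTuple):
    train: str
    build: tuple
    edition: str
    # "vulnerable", "fixed", "eol", "not-listed" or "unparsed".
    # "fixed" only describes the patch level: the page notes that tokens
    # stolen before patching stay usable until the sessions are killed.
    status: str


def parse_build(text):
    """Return (train, (major, minor)) from a version string."""
    match = BUILD_RE.search(text)
    if match is None:
        raise ValueError(f"unrecognised version string: {text!r}")
    return match.group(1), (int(match.group(2)), int(match.group(3)))


def assess(text, edition="standard"):
    """Classify one build string; the caller supplies the edition."""
    train, build = parse_build(text)
    key = (train, edition)
    if key in EOL_TRAINS:
        status = "eol"
    elif key not in FIXED_BUILDS:
        status = "not-listed"
    # Compare as integer tuples: as text or floats, 92.9 would sort above 92.19.
    elif build < FIXED_BUILDS[key]:
        status = "vulnerable"
    else:
        status = "fixed"
    return Finding(train, build, edition, status)


def triage(inventory):
    """Map each host to its Finding; unparseable entries are kept, not dropped."""
    results = {}
    for host, version_text, edition in inventory:
        try:
            results[host] = assess(version_text, edition)
        except ValueError:
            results[host] = Finding("?", (), edition, "unparsed")
    return results


# Constructed inventory for illustration; the host names are hypothetical.
SAMPLE_INVENTORY = [
    ("gw-01.example.internal", "NetScaler NS13.1: Build 48.47.nc", "standard"),
    ("gw-02.example.internal", "13.0-92.19", "standard"),
    ("gw-03.example.internal", "13.0-92.9", "standard"),
    ("adc-fips.example.internal", "13.1-37.164", "FIPS"),
    ("adc-old.example.internal", "12.1-65.25", "standard"),
    ("adc-lab.example.internal", "build unknown", "standard"),
]

if __name__ == "__main__":
    for host, finding in triage(SAMPLE_INVENTORY).items():
        print(f"{host:28} {finding.status}")
```

<p>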
Therefore, customers are strongly encouraged to upgrade to a fixed version listed above as soon as possible.</p> <p><strong>If I’ve patched CitrixBleed already, is my network safe?</strong></p> <p>Because CitrixBleed allows an attacker to steal valid session tokens, these session tokens can be replayed against the system irrespective of the patching status. So long as these stolen session tokens persist and are in the possession of an attacker, they can be reused.</p> <p>Additionally, Kevin Beaumont <a href="https://doublepulsar.com/lockbit-ransomware-group-assemble-strike-team-to-breach-banks-law-firms-and-governments-4220580bfcee"><u>notes</u></a> that ransomware groups like LockBit are maintaining access to compromised networks by installing remote access tools like Atera, a remote monitoring &amp; management (RMM) tool.</p> <p>Whether patches have been applied or not, organizations that use NetScaler ADC and Gateway should assume compromise and begin an incident response investigation.</p> <p><strong>How do we stop attackers from leveraging stolen session tokens?</strong></p> <p>As outlined <a href="https://www.netscaler.com/blog/news/cve-2023-4966-critical-security-update-now-available-for-netscaler-adc-and-netscaler-gateway"><u>in this Citrix blog</u></a>, once the available patches have been applied, there is a set of commands that can be run to kill active and persistent sessions, thereby thwarting attackers’ ability to replay valid session tokens even if a system has been patched.</p> <p><strong>Has Tenable released any product coverage for CitrixBleed?</strong></p> <p>Yes, please refer to the Identifying Affected Systems section below for more information.</p> <h2>Timeline</h2> <div class="table-responsive"> <table class="table"> <thead> <tr> <th style="width:175px;"><strong>Date</strong></th> <th><strong>Details</strong></th> <th><strong>Milestone</strong></th> </tr> </thead> <tbody> <tr> <td>August 2023</td> <td>On October 17, researchers at 
Mandiant <a href="https://www.mandiant.com/resources/blog/remediation-netscaler-adc-gateway-cve-2023-4966"><u>looked back and found evidence of exploitation of a Citrix NetScaler zero-day</u></a></td> <td>Zero-Day Exploitation</td> </tr> <tr> <td>October 10, 2023</td> <td>Citrix publishes security bulletin <a href="https://support.citrix.com/article/CTX579459/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20234966-and-cve20234967"><u>CTX579459</u></a> to address two vulnerabilities in NetScaler ADC and Gateway including CVE-2023-4966</td> <td>Public Disclosure</td> </tr> <tr> <td>October 17, 2023</td> <td>Mandiant publishes its <a href="https://www.mandiant.com/resources/blog/remediation-netscaler-adc-gateway-cve-2023-4966"><u>blog post on the discovery of zero-day exploitation of CVE-2023-4966</u></a></td> <td>Historical Insight</td> </tr> <tr> <td rowspan="2">October 23, 2023</td> <td>Researchers at GreyNoise add a tag for CVE-2023-4966 to track associated activity</td> <td>Monitoring for Exploitation</td> </tr> <tr> <td>Assetnote <a href="https://github.com/assetnote/exploits/commits/main/citrix/CVE-2023-4966"><u>publishes its proof-of-concept (PoC) to GitHub</u></a></td> <td>Proof-of-Concept Published</td> </tr> <tr> <td>October 24, 2023</td> <td>GreyNoise identifies first in-the-wild exploitation attempts for CVE-2023-4966</td> <td>Exploitation Detected</td> </tr> <tr> <td rowspan="2">October 25, 2023</td> <td>Researchers at Assetnote publish a <a href="https://www.assetnote.io/resources/research/citrix-bleed-leaking-session-tokens-with-cve-2023-4966"><u>blog post naming the vulnerability “Citrix Bleed”, providing technical details and highlighting its PoC</u></a></td> <td>Named Vulnerability, Technical Details Shared</td> </tr> <tr> <td>Researcher Kevin Beaumont says vulnerability is being “mass exploited in the wild for about a month” and highlights ease of exploitation</td> <td>Additional Details, Confirmed Exploitation Activity</td> </tr>
<tr> <td>October 27, 2023</td> <td>Beaumont reiterates mass exploitation, <a href="https://doublepulsar.com/mass-exploitation-of-citrixbleed-vulnerability-including-a-ransomware-group-1405cbb9de18"><u>publishes blog post</u></a> that reveals that a ransomware group is leveraging it as part of attacks</td> <td>Exploited by First Ransomware Group</td> </tr> <tr> <td>October 28, 2023</td> <td>Over 20,000 NetScaler systems have been exploited according to Beaumont</td> <td>Mass Exploitation Activity</td> </tr> <tr> <td>November 11, 2023</td> <td>LockBit ransomware group is <a href="https://cyberplace.social/@GossiTheDog/111391980023423612"><u>confirmed to be using CitrixBleed</u></a> in attacks against a variety of industries including finance, freight, legal and defense</td> <td>Widespread Exploitation of Vulnerability by LockBit Affiliates</td> </tr> <tr> <td rowspan="2">November 14, 2023</td> <td>A second ransomware group, Medusa, has <a href="https://cyberplace.social/@GossiTheDog/111408758925049114"><u>also begun exploiting this vulnerability in attacks</u></a></td> <td>Exploited by Second Ransomware Group</td> </tr> <tr> <td>Security researcher Yutaka Sejiyama <a href="https://www.bleepingcomputer.com/news/security/lockbit-ransomware-exploits-citrix-bleed-in-attacks-10k-servers-exposed/"><u>shared with BleepingComputer</u></a> that over 10,400 Citrix servers are still vulnerable to CVE-2023-4966 with nearly a third (30%) in the United States</td> <td>Updated Attack Surface</td> </tr> </tbody> </table> </div> <h2>Identifying affected systems</h2> <p>The following plugins for CVE-2023-4966 and CVE-2023-4967 are available. 
Customers are advised to use these plugins to identify vulnerable assets.</p> <div class="table-responsive"> <table class="table"> <thead> <tr> <th style="width:125px;"><strong>Plugin ID</strong></th> <th><strong>Title</strong></th> <th><strong>Type</strong></th> </tr> </thead> <tbody> <tr> <td><a href="https://www.tenable.com/plugins/nessus/183026"><u>183026</u></a></td> <td>NetScaler ADC and NetScaler Gateway Multiple Vulnerabilities (CTX579459)</td> <td>Version Check</td> </tr> <tr> <td><a href="https://www.tenable.com/plugins/was/114100"><u>114100</u></a></td> <td>Citrix Gateway / ADC Sensitive Information Exposure</td> <td>Tenable Web App Scanning (formerly Tenable.io Web Application Scanning) Remote Check</td> </tr> </tbody> </table> </div> <h3>Get more information</h3> <p><em><strong>Join </strong></em><a href="https://community.tenable.com/s/group/0F9f2000000fyxyCAA/cyber-exposure-alerts"><em><strong><u>Tenable’s Security Response Team</u></strong></em></a><em><strong> on the Tenable Community.</strong></em></p> <p><em><strong>Learn more about </strong></em><a href="https://www.tenable.com/products/tenable-one"><em><strong><u>Tenable One</u>, the Exposure Management Platform for the modern attack surface.</strong></em></a></p> </div> <p><a href="https://www.tenable.com/blog/frequently-asked-questions-for-citrixbleed-cve-2023-4966">Source link</a></p> </div><!-- .entry-content --> </article><!-- #post-## --> </main><!-- #main --> </div><!-- #primary --> </div><!-- #content --> </div><!-- content-wrapper--> </div><!-- #page --> </body> </html>