Summary: Citrix has issued security updates for a critical vulnerability in NetScaler Console and NetScaler Agent that could allow authenticated attackers to escalate privileges. The flaw is tracked as CVE-2024-12284 and has a CVSS score of 8.8. Users are urged to update to the patched versions to mitigate the risk.
Affected: Citrix NetScaler Console and NetScaler Agent
Key points:
- Vulnerability CVE-2024-12284 involves improper privilege management in NetScaler products.
- Only authenticated users with access to the NetScaler Console can exploit this vulnerability.
- Patched versions include NetScaler Console 14.1-38.53 and 13.1-56.18, as well as their respective Agent versions.
- Cloud Software Group recommends immediate updates; no workarounds are available.
Source: https://thehackernews.com/2025/02/citrix-releases-security-fix-for.html