DEV Community

Cover image for Citrix Patches High-Severity NetScaler Flaws and HTTP/2 Bomb Vulnerability
BeyondMachines for BeyondMachines

Posted on • Originally published at beyondmachines.net

Citrix Patches High-Severity NetScaler Flaws and HTTP/2 Bomb Vulnerability

Summary

Citrix fixed six vulnerabilities in NetScaler ADC and Gateway, including high-severity memory overflows and the "HTTP/2 Bomb" denial-of-service flaw. These bugs allow unauthenticated file access, memory theft, and service disruption across multiple appliance versions.

Take Action:

Update your NetScaler ADC and Gateway appliances to the latest firmware immediately (14.1-72.61 or 13.1-63.18, or the matching FIPS builds), as these flaws let attackers steal sensitive data or knock your VPN and DNS services offline. To block the "HTTP/2 Bomb" set Http2SmallWndTimeout to 30 seconds if you aren't using HTTP Strict Profiles, and make sure your management interfaces (NSIP/SNIP) are not reachable from the public internet.


Read the full article on BeyondMachines


This article was originally published on BeyondMachines

Top comments (0)