Urgent Alert: Critical Vulnerabilities in Citrix, VMware, and Atlassian Products

Bar Refael

January 17, 2024

Citrix, VMware, and Atlassian have reported critical security vulnerabilities in several of their products, some of which are currently being exploited in the wild. This advisory is issued to inform and guide our clients on these vulnerabilities and the essential steps required for mitigation. It highlights the urgent need to apply patches and review security measures, aiming to provide a clear understanding of the associated risks and the necessary actions for effective mitigation. Our focus is to ensure our clients are well-informed and prepared to address these vulnerabilities promptly.

Citrix NetScaler ADC and Gateway Vulnerabilities:

  • CVE-2023-6548 (CVSS: 5.5): Permits low-privileged remote code execution.
  • CVE-2023-6549 (CVSS: 8.2): Leads to denial-of-service under certain configurations.
  • Affected Versions: NetScaler ADC and Gateway versions 14.1, 13.1, 13.0, and 12.1 (including FIPS and NDcPP).

Mitigation: Upgrade to the patched versions and avoid exposing management interfaces to the internet.

VMware Aria Automation Flaw:

  • CVE-2023-34063 (CVSS: 9.9): A critical missing access control flaw.
  • Affected Versions: VMware Aria Automation (8.11.x to 8.14.x) and VMware Cloud Foundation (4.x and 5.x).

Mitigation: Directly upgrade to VMware version 8.16 post-patch application.

Atlassian Confluence RCE Bug:

  • CVE-2023-22527 (CVSS: 10.0): Template injection vulnerability causing remote code execution.
  • Affected Versions: Confluence Data Center and Server versions 8.0.x to 8.5.3 (Note: 7.19.x LTS versions are not impacted).

Mitigation: Update to the latest patched versions immediately.

Impact Assessment and Risk Analysis:

Each vulnerability presents unique risks that could lead to unauthorized access, data breaches, or service disruptions. Immediate patch application is critical.

OP Innovate’s Advisory:

  • Immediate Action: Apply all relevant patches without delay.
  • Review Security Posture: Regularly assess your organization’s security measures.
  • Stay Informed: OP Innovate will continue to provide updates on these and other cybersecurity threats.

FAQ Section:

Q1: Are these vulnerabilities currently being exploited?

  • A: Yes, some of these vulnerabilities, especially in Citrix products, are actively being exploited.

Q2: What if my organization cannot immediately apply these patches?

  • A: Implement temporary mitigations if possible, like restricting access to the management interfaces for Citrix products and limiting user privileges in VMware and Atlassian environments.

Q3: How do I know if my system is compromised?

  • A: Look for indicators of compromise such as unusual system or network activity and unauthorized administrative actions.

Conclusion and Call-to-Action:

The discovery of these vulnerabilities underscores the urgent need for vigilant cybersecurity practices. We urge all affected users to apply the recommended patches and review their security protocols. OP Innovate is dedicated to assisting our clients in navigating these challenges and ensuring the integrity of their digital assets.

Stay Safe and Secure,
OP Innovate Cybersecurity Team

Under Cyber Attack?

Fill out the form and we will contact you immediately.

Under Cyber Attack?

Fill out the form and we will contact you immediately.