Citrix Warns Authentication Failures Following The Update of NetScaler to Fix Auth Vulnerability

Posted on By CWS

Citrix has issued an pressing advisory warning prospects of widespread authentication failures following current updates to NetScaler builds 14.1.47.46 and 13.1.59.19.

The updates, launched as a part of the corporate’s ongoing secure-by-design initiative, have inadvertently precipitated important disruption to enterprise authentication methods throughout a number of organizations worldwide.

The authentication failures manifest as damaged login pages and full lack of ability to entry NetScaler Gateway portals, notably affecting environments using DUO configurations based mostly on RADIUS authentication, SAML implementations, and customized Identification Supplier (IDP) configurations.

Organizations counting on these authentication strategies have reported full service outages, forcing IT groups to implement emergency workarounds to take care of enterprise continuity.

The basis trigger has been recognized as the automated enablement of Content material Safety Coverage (CSP) headers by default within the newest NetScaler builds.

Whereas CSP headers are designed to mitigate cross-site scripting (XSS) and code injection assaults, their sudden activation has created compatibility points with current authentication scripts and third-party integrations that had been functioning correctly earlier than the replace.

Citrix analysts recognized the problem stems from the strict CSP guidelines blocking authentic scripts and assets that had been beforehand allowed to execute with out restrictions.

The coverage’s restrictive nature, whereas enhancing safety in opposition to browser-based threats, has confirmed incompatible with many customized authentication configurations that enterprises have deployed over time, creating an sudden safety versus performance battle.

Technical Decision and Mitigation

To deal with the speedy disaster, Citrix has supplied a short lived workaround requiring directors to disable the default CSP header by means of the NetScaler command-line interface.

The decision includes executing particular instructions on affected methods:-

set aaa parameter -defaultCSPHeader DISABLED
save ns config

Moreover, directors should flush the cache utilizing the command flush cache contentgroup loginstaticobjects to make sure speedy implementation of modifications throughout all affected authentication methods.

Examine reside malware conduct, hint each step of an assault, and make sooner, smarter safety choices -> Attempt ANY.RUN now

Cyber Security News Tags:, , , , , , , ,

Related Posts

CISA Warns of Trend Micro Apex One OS Command Injection Vulnerability Exploited in Attacks Cyber Security News
PoC Released for Linux Privilege Escalation Vulnerability via udisksd and libblockdev Cyber Security News
Atomic macOS Info-Stealer Upgraded With New Backdoor to Maintain Persistence Cyber Security News
Ransomware Actors Exploit Unpatched SimpleHelp RMM to Compromise Billing Software Provider Cyber Security News
CISA Adds MDaemon Email Server XSS Vulnerability to KEV Catalog Following Exploitation Cyber Security News
New Eleven11bot Hacked 86,000 IP Cameras for Massive DDoS Attack Cyber Security News