CRITICAL UPDATE: MAY 2023

Citrix have recently announced a Netscaler ADC & Gateway Vulnerability.

The following supported versions of Citrix ADC and Citrix Gateway are affected by this vulnerability:

  • Citrix ADC and Citrix Gateway 13.1 before 13.1-45.61
  • Citrix ADC and Citrix Gateway 13.0 before 13.0-90.11
  • Citrix ADC and Citrix Gateway 12.1 before 12.1-65.35
  • Citrix ADC 12.1-FIPS before 12.1-55.296
  • Citrix ADC 12.1-NDcPP before 12.1-55.296

This Security Vulnerability (if exploited), could result in a denial of service. Citrix have made an update available for your version of Citrix ADC.

It will take approximately 1 hr to complete the work on each of your Citrix Netscaler ADCs.

This will cause an outage on your Citrix services while the change is being implemented.

If you require, we can schedule an engineer after business hours to patch and test your Netscaler ADCs.

Citrix article: https://support.citrix.com/article/CTX477714

Please email: helpdesk@teba.com.au to arrange an engineer to patch your Netscaler ADC(s).

NETSCALER FAQ

1. I am using Netscaler 12.1 or lower, what happens at the 31st of May 2023?

Version 12.1 becomes end of life at the end of May 2023 which means you won’t be supported by Citrix for this version should any problems arise. In addition, no further patches will be available for this version.

PS. Version 12.1 has been end of maintenance (EOM) since May 2022. (No further patches will be available for this version.)

Teba suggests upgrading to the current version 13.1 as soon as possible.

2. I am using Netscaler 13.0, what happens at the 15th of July 2023?

Version 13.0  becomes end of maintenance on July 15th 2023 which means no further patches will be available for this version.

Version 13.0 will be end of life July 15th 2024.

Teba suggests upgrading to the current version 13.1 as soon as possible.

3. Is there anything I need to know before upgrading to version 13.1?

The method for configuring 13.1 has changed since version 12.1. Before upgrading version 12.1 or 13.0, you must change the configuration mode from classic to advanced and complete testing to ensure all settings remain intact.

As there are operational risks with upgrading live production Netscalers, please contact Teba to discuss strategies to reduce or remove the risk of upgrading your Netscaler infrastructure.

Trusted by many of Australia’s largest companies:
Coles logo
Interactive logo
Monash Health
RACQ logo
Telstra logo