
NetScaler patch for auth bypass causes login issues, Citrix warns

A recent security patch released for NetScaler, now known as Citrix ADC and NetScaler Gateway, is causing unexpected login issues for some administrators. The update was intended to address a critical authentication bypass vulnerability, widely tracked as CVE-2023-4966 and dubbed “Citrix Bleed,” which has been actively exploited.

However, deploying this crucial fix has introduced a new problem: administrators using certain authentication methods are finding themselves unable to log in successfully. The issues primarily affect logins utilizing SAML, RADIUS, or TACACS protocols for authentication. This prevents IT teams from accessing and managing the patched appliances.

The vendor has acknowledged these login failures stemming from the patch deployment on affected versions. While the primary goal of applying the patch is to mitigate the severe authentication bypass vulnerability, administrators are now facing a different obstacle in managing their systems post-update. This creates a challenging situation for organizations relying on these specific authentication methods for administrative access.

Guidance has been released to help administrators identify whether they are experiencing these login problems and to provide potential workarounds or steps to regain access. It is critical for organizations that have applied the NetScaler patch to verify administrative access using their standard methods and consult the official resources if they encounter difficulties. The focus remains on ensuring that the critical security vulnerability is addressed while also restoring essential administrative functionality. Organizations should carefully review the vendor’s latest advisories to navigate this situation effectively and maintain both security and operational continuity.

Source: https://www.bleepingcomputer.com/news/security/citrix-warns-of-login-issues-after-netscaler-auth-bypass-patch/
