Citrix Warns Authentication Failures Following The Update of NetScaler to Fix Auth Vulnerability

The authentication failures manifest as broken login pages and complete inability to access NetScaler Gateway portals, particularly affecting environments utilizing DUO configurations based on RADIUS authentication, SAML implementations, and custom Identity Provider (IDP) configurations. The policy’s restrictive nature, while enhancing security against browser-based threats, has proven incompatible with many custom authentication configurations that enterprises have deployed over time, creating an unexpected security versus functionality conflict. While CSP headers are designed to mitigate cross-site scripting (XSS) and code injection attacks, their sudden activation has created compatibility issues with existing authentication scripts and third-party integrations that were functioning properly before the update. The root cause has been identified as the automatic enablement of Content Security Policy (CSP) headers by default in the latest NetScaler builds. Additionally, administrators must flush the cache using the command flush cache contentgroup loginstaticobjects to ensure immediate implementation of changes across all affected authentication systems. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The updates, released as part of the company’s ongoing secure-by-design initiative, have inadvertently caused significant disruption to enterprise authentication systems across multiple organizations worldwide. Organizations relying on these authentication methods have reported complete service outages, forcing IT teams to implement emergency workarounds to maintain business continuity. Tushar is a Cyber security content editor with a passion for creating captivating and informative content. To address the immediate crisis, Citrix has provided a temporary workaround requiring administrators to disable the default CSP header through the NetScaler command-line interface.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 03 Jul 2025 16:35:09 +0000

Cyber News related to Citrix Warns Authentication Failures Following The Update of NetScaler to Fix Auth Vulnerability

CVE-2007-2850 - The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0 and 1.5, allows remote attackers to bypass network security policies and connect to arbitrary TCP ports via a ...
7 years ago

Two more Citrix NetScaler bugs exploited in the wild The Register - Two vulnerabilities in NetScaler's ADC and Gateway products have been fixed - but not before criminals found and exploited them, according to the vendor. CVE-2023-6548 could allow remote code execution in the appliances' management interface. It ...
1 year ago Go.theregister.com CVE-2023-6548 CVE-2023-6549

US Health Dept urges hospitals to patch critical Citrix Bleed bug - The U.S. Department of Health and Human Services warned hospitals this week to patch the critical 'Citrix Bleed' Netscaler vulnerability actively exploited in attacks. Ransomware gangs are already using Citrix Bleed to breach their targets' networks ...
1 year ago Bleepingcomputer.com CVE-2023-4966 LockBit

Citrix Bleed exploit lets hackers hijack NetScaler accounts - A proof-of-concept exploit is released for the 'Citrix Bleed' vulnerability, tracked as CVE-2023-4966, that allows attackers to retrieve authentication session cookies from vulnerable Citrix NetScaler ADC and NetScaler Gateway appliances. ...
1 year ago Bleepingcomputer.com CVE-2023-4966

Citrix warns of new Netscaler zero-days exploited in attacks - Citrix urged customers on Tuesday to immediately patch Netscaler ADC and Gateway appliances exposed online against two actively exploited zero-day vulnerabilities. The two zero-days impact the Netscaler management interface and expose unpatched ...
1 year ago Bleepingcomputer.com CVE-2023-4966

Citrix warns admins to kill NetScaler user sessions to block hackers - Citrix reminded admins today that they must take additional measures after patching their NetScaler appliances against the CVE-2023-4966 'Citrix Bleed' vulnerability to secure vulnerable devices against attacks. Besides applying the necessary ...
1 year ago Bleepingcomputer.com CVE-2023-4966 LockBit

Hackers use Citrix Bleed flaw in attacks on govt networks worldwide - Threat actors are leveraging the 'Citrix Bleed' vulnerability, tracked as CVE-2023-4966, to target government, technical, and legal organizations in the Americas, Europe, Africa, and the Asia-Pacific region. Researchers from Mandiant report that four ...
1 year ago Bleepingcomputer.com CVE-2023-4966 CVE-2023-3966

Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately - Citrix warned admins today to secure all NetScaler ADC and Gateway appliances immediately against ongoing attacks exploiting the CVE-2023-4966 vulnerability. The company patched this critical sensitive information disclosure flaw two weeks ago, ...
1 year ago Bleepingcomputer.com CVE-2023-4966 Rocke

Over 1,200 Citrix servers unpatched against critical auth bypass flaw - While Citrix has yet to confirm that this security flaw is being exploited in the wild, saying that "currently, there is no evidence to suggest exploitation of CVE-2025-5777," cybersecurity firm ReliaQuest reported on Thursday with medium confidence ...
1 week ago Bleepingcomputer.com CVE-2025-5777

LockBit ransomware exploits Citrix Bleed in attacks, 10K servers exposed - The Lockbit ransomware attacks use publicly available exploits for the Citrix Bleed vulnerability to breach the systems of large organizations, steal data, and encrypt files. Although Citrix made fixes available for CVE-2023-4966 more than a month ...
1 year ago Bleepingcomputer.com CVE-2023-4966 LockBit

CISA pushes federal agencies to patch Citrix RCE within a week - Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks, pushing for a Citrix RCE bug to be patched within a week. Citrix urged ...
1 year ago Bleepingcomputer.com CVE-2023-6548 CVE-2023-6549 CVE-2024-0519

Citrix Discovers Two Vulnerabilities, Both Exploited in the Wild - Two vulnerabilities have been found in NetScaler ADC and NetScaler Gateway, formerly known as Citrix ADC and Citrix Gateway, and are affecting six supported versions. Tracked as CVE-2023-6548, this vulnerability needs access to NSIP, CLIP, or SNIP ...
1 year ago Darkreading.com CVE-2023-6548 CVE-2023-6549 CVE-2023-4966

HHS warns of 'Citrix Bleed' attacks after hospital outages - The U.S. Department of Health and Human Services is warning hospitals and healthcare facilities across the country to patch a vulnerability known as "Citrix Bleed" that is being used in attacks by ransomware gangs. For weeks, cybersecurity experts ...
1 year ago Therecord.media CVE-2023-4966 LockBit

Citrix warns of login issues after NetScaler auth bypass patch - The first of the two security flaws (tracked as CVE-2025-5777 and dubbed Citrix Bleed 2) enables threat actors to bypass authentication by hijacking user sessions, while the second (CVE-2025-6543) is now actively exploited in denial-of-service ...
5 days ago Bleepingcomputer.com CVE-2025-5777

US Health Dept Urges Hospitals to Patch Critical 'Citrix Bleed' Vulnerability - This week, the US Department of Health and Human Services has warned hospitals of the critical 'Citrix Bleed' Netscaler vulnerability that has been exploited by threat actors in cyberattacks. On Thursday, the department's security team, Health Sector ...
1 year ago Cysecurity.news CVE-2023-4966

Citrix Warns Authentication Failures Following The Update of NetScaler to Fix Auth Vulnerability - The authentication failures manifest as broken login pages and complete inability to access NetScaler Gateway portals, particularly affecting environments utilizing DUO configurations based on RADIUS authentication, SAML implementations, and custom ...
4 days ago Cybersecuritynews.com

Citrix NetScaler Vulnerability Allows Unauthorized Command Execution - Cloud Software Group issued urgent patches on February 18, 2025, for a high-severity vulnerability (CVE-2024-12284) affecting its NetScaler Console (formerly NetScaler ADM) and NetScaler Agent. While exploitation requires existing access to the ...
4 months ago Cybersecuritynews.com CVE-2024-12284 CVE-2024-20341 CVE-2024-6387

CVE-2020-8245 - Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler ...
4 years ago

CVE-2020-8247 - Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, ...
4 years ago

CVE-2020-8246 - Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, ...
4 years ago

Critical Citrix Bleed 2 flaw now likely exploited in attacks - "While no public exploitation of CVE-2025-5777, dubbed "Citrix Bleed 2," has been reported, ReliaQuest assesses with medium confidence that attackers are actively exploiting this vulnerability to gain initial access to targeted environments," warns ...
1 week ago Bleepingcomputer.com CVE-2025-5777

Citrix Bleed 2 flaw now believed to be exploited in attacks - "While no public exploitation of CVE-2025-5777, dubbed "Citrix Bleed 2," has been reported, ReliaQuest assesses with medium confidence that attackers are actively exploiting this vulnerability to gain initial access to targeted environments," warns ...
1 week ago Bleepingcomputer.com CVE-2025-5777

2100+ Citrix Servers Vulnerable to Actively Exploited Bypass Authentication Vulnerability - Over 2,100 vulnerable Citrix NetScaler servers remain exposed to active exploitation, despite patches being available for critical vulnerabilities that allow attackers to bypass authentication mechanisms and steal session tokens. ReliaQuest ...
1 week ago Cybersecuritynews.com CVE-2025-5777

"CitrixBleed 2" Vulnerability PoC Released - Warns of Potential Widespread Exploitation - A new critical vulnerability in Citrix NetScaler devices has security experts warning of potential widespread exploitation, drawing alarming parallels to the devastating “CitrixBleed” attacks that plagued organizations in 2023. The ...
2 days ago Cybersecuritynews.com CVE-2025-5777

CERT-UA warns of malware campaign conducted by threat actor UAC-0006 - Threat actors may have exploited a zero-day in older iPhones, Apple warns. Microsoft fixed two zero-day bugs exploited in malware attacks. Threat actors actively exploit JetBrains TeamCity flaws to deliver malware. Recent DarkGate campaign exploited ...
1 year ago Securityaffairs.com CVE-2023-49103 CVE-2023-46747 CVE-2023-46748 CVE-2023-4966 CVE-2023-3519

Citrix Warns Authentication Failures Following The Update of NetScaler to Fix Auth Vulnerability

Cyber News related to Citrix Warns Authentication Failures Following The Update of NetScaler to Fix Auth Vulnerability

Latest Cyber News

Cyber Trends (last 7 days)

Trending Cyber News (last 7 days)