Jump to content
Welcome to our new Citrix community!

PCI Scan failure for jquery vulnerability using Netscaler version 11


Jacob Haugh

Recommended Posts

Good Afternoon,

 

We have a customer using NetScaler NS11.1: Build 58.13.nc and they had a PCI Scan that was run and failed on CVE-2015-9251 - JQuery < 3.4.0 Object Prototype Pollution Vulnerability.

 

Currently the customer in on NetScaler version 11 and has a Jquery version below 3.3. 

 

They want to remediate the PCI Scan failure so I am wondering if the current version 11 NetScaler allows for an upgrade of the Jquery component to above 3.4 or do we need to advise the customer to upgrade to a newer version of NetScaler.

 

I have found the following article that relates to this issue but is a more updated CVE related to NetScaler version 12.

https://discussions.citrix.com/topic/402998-netscaler-j-query-vulnerability/#comment-2041568

 

Thanks for your assistance to resolve this.

Link to comment
Share on other sites

  • 3 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...