Jump to content
Welcome to our new Citrix community!

NetScaler OpenSSH vulnerability (CVE-2023-38408)


Recommended Posts

Hi, I just did a short check on our 13 & 13.1 systems to see if the CVE (https://nvd.nist.gov/vuln/detail/CVE-2023-38408) is viable or has been patched torether with CVE-2023-3519.


And it does not look too good:




> show ns version

        NetScaler NS13.0: Build 91.13.nc, Date: Jul  7 2023, 09:45:31   (64-bit)


> shell

Copyright (c) 1992-2013 The FreeBSD Project.

Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994

        The Regents of the University of California. All rights reserved.


root@XXXXXXXXX# ssh -V

OpenSSH_8.6p1-FIPS, OpenSSL 1.0.2zd-fips  15 Mar 2022





XXXXXXXXXX_xxxxxx_Secondary#> show ns version

        NetScaler NS13.1: Build 49.13.nc, Date: Jul 10 2023, 12:00:59   (64-bit)


XXXXXXXXXX_xxxxxx_Secondary#> shell

root@XXXXXXXXXX# ssh -V

OpenSSH_8.6p1-FIPS, OpenSSL 1.0.2zd-fips  15 Mar 2022



Is there an Article / Recommendation on this Issue ?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...