Skip to main content

Citrix CVE-2026-4368

| EUVDEUVD-2026-14547 HIGH
Race Condition (CWE-362)
2026-03-23 NetScaler GHSA-445m-jc4j-p5gf
7.7
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.7 HIGH
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
EUVD ID Assigned
Mar 23, 2026 - 20:30 euvd
EUVD-2026-14547
Analysis Generated
Mar 23, 2026 - 20:30 vuln.today
CVE Published
Mar 23, 2026 - 20:09 nvd
HIGH 7.7

DescriptionCVE.org

Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server leading to User Session Mixup

AnalysisAI

Citrix NetScaler ADC and Gateway instances configured for SSL VPN, ICA Proxy, CVPN, RDP Proxy, or AAA virtual servers are vulnerable to a race condition that enables authenticated attackers to hijack other users' sessions. An attacker with valid credentials can exploit timing-dependent conditions to cause session mixup between concurrent users, potentially gaining unauthorized access to sensitive resources or impersonating other authenticated users. No patch is currently available for this high-severity vulnerability.

Technical ContextAI

The vulnerability is rooted in a classic race condition (CWE category related to concurrent access to shared resources without proper synchronization) within NetScaler's session management infrastructure. The affected products include NetScaler ADC (cpe:2.3:a:netscaler:adc:*:*:*:*:*:*:*:*) and NetScaler Gateway (cpe:2.3:a:netscaler:gateway:*:*:*:*:*:*:*:*), which are reverse proxy and secure access appliances commonly deployed as SSL VPN gateways, ICA Proxy servers, Clientless VPN (CVPN) endpoints, RDP proxies, and AAA virtual servers. When multiple concurrent user sessions are processed by the appliance, improper synchronization of session state management allows a timing-dependent condition where session identifiers or authentication contexts can be incorrectly assigned or shared between different user connections. This is particularly critical in gateway deployments where the appliance acts as a trust boundary between untrusted networks and internal resources.

RemediationAI

Consult Citrix security advisory CTX696300 (https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300) for patched versions and upgrade NetScaler ADC and NetScaler Gateway to the recommended fixed release immediately. As interim mitigations pending patch deployment, consider reducing concurrent user session load through connection limits, implementing network-level access controls to restrict gateway access to known-good sources only, and enabling enhanced session monitoring and logging to detect anomalous session access patterns. Citrix may recommend appliance-level configuration hardening such as disabling unused protocols (CVPN, ICA Proxy, RDP Proxy if not required) to reduce attack surface until patches can be applied.

More in Citrix

View all
CVE-2017-6316 CRITICAL POC
9.8 Jul 20

Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as r

CVE-2025-5777 HIGH POC
7.5 Jun 17

Citrix NetScaler ADC and Gateway contain an input validation vulnerability (CVE-2025-5777, CVSS 7.5) leading to memory o

CVE-2012-0217 HIGH POC
7.2 Jun 12

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and

CVE-2017-17382 MEDIUM POC
5.9 Dec 13

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build

CVE-2025-6543 CRITICAL POC
9.8 Jun 25

Citrix NetScaler ADC and Gateway contain a memory overflow vulnerability (CVE-2025-6543, CVSS 9.8) leading to unintended

CVE-2026-3055 CRITICAL POC
9.3 Mar 23

An insufficient input validation vulnerability exists in Citrix NetScaler ADC and NetScaler Gateway when configured as a

CVE-2015-2682 MEDIUM POC
5.0 Mar 26

Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote attackers to obtain credentials via

CVE-2026-8451 HIGH POC
8.8 Jun 30

Memory overread in Citrix NetScaler ADC and NetScaler Gateway lets remote attackers read out-of-bounds memory when the a

CVE-2019-12990 CRITICAL POC
9.8 Jul 16

Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal. Rated critical s

CVE-2019-12989 CRITICAL POC
9.8 Jul 16

Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection. Rated critical severit

CVE-2019-12988 CRITICAL POC
9.8 Jul 16

Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of

CVE-2019-12987 CRITICAL POC
9.8 Jul 16

Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of

Share

CVE-2026-4368 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy