
Delhaize / Citrix ADC appliance is outdated

BloodyShell reported 2023-07-24

The following Citrix/Netscaler ADC appliance is publicly accessible and looks outdated:

It is critical to update to a safe version as soon as possible since multiple CVEs allow remote attackers to DoS or achieve RCE (remote code execution) on the server. Those vulnerabilities are currently used in ransomware campaigns and could damage your network.

Reference:

IP: 194.78.122.105
Port: 443
Detected protocol: https
Vulnerable URL: https://194.78.122.105
Found vulnerable Citrix ADC:
Affected by CVE-2023-3519
Affected by CVE-2023-3467
Affected by CVE-2023-3466
Found by CitrixADCPlugin 2023-07-20
Report created by BloodyShell 2023-07-24
Report approved by BloodyShell 2023-07-24
New PDF report generated by system 2023-07-24
Report dispatched to ...@... by system 2023-07-24
system commented 2023-07-24: approved shows in report

Email from: 

Dear Sender,

Thank you for your e-mail. You reached the responsible disclosure mailbox of the Ahold Delhaize information security team. This e-mail address is intended to handle the responsible disclosures of security vulnerabilities. If you submitted a valid responsible disclosure you will be contacted by one of our team members.
Are you a customer and have a question, complaint or suggestion? Unfortunately, we can't help you via this e-mail address. Please reach out to the customer services of the specific local brand (e.g. ah.nl/klantenservice, foodlion.com/customer-service).

This e-mail (including any attachments) may contain information that is private, confidential, or protected by attorney-client or other privilege. If you received this e-mail in error, please delete it from your system without copying it and notify sender by reply e-mail.

Report comment dispatched to BloodyShell by system 2023-07-24
Report comment dispatched to iampritam by system 2023-07-24
Report comment dispatched to fokoil by system 2023-07-24
Report marked as fixed by BloodyShell 2023-08-13
Report comment 3e4b48 approved by BloodyShell 2023-08-13
New PDF report generated by system 2023-08-13
Report comment dispatched to BloodyShell by system 2023-08-13
Report comment dispatched to ad.itsecurity.group@aholddelhaize.com by system 2023-08-13
Report closed by BloodyShell 2023-08-13
New PDF report generated by system 2023-08-13
Report edited by BloodyShell 2023-08-13
New PDF report generated by system 2023-08-13
Information
Owner Delhaize
Created 2023-07-24 11:59
Updated 2023-08-13 12:50
Fixed true

Contacts
a...@aholddelhaize.com

Status
Status closed
Hosting contacted false
CERT contacted false
