CVE-2024-8535: 
Citrix ADC VPX vulnerability analysis and mitigation

CVE-2024-8535 is a security vulnerability affecting NetScaler ADC and NetScaler Gateway appliances. The vulnerability was discovered and disclosed on November 12, 2024. It specifically impacts systems configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources, or systems configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO (NVD, CVE Mitre).

The vulnerability is classified under CWE-552 (Files or Directories Accessible to External Parties). According to the CVSS 4.0 scoring system, it has received a medium severity score of 5.8, with the following vector string: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H. The vulnerability allows authenticated users to access unintended user capabilities in the affected systems (NVD).

The vulnerability can result in unauthorized access to user capabilities within NetScaler ADC and NetScaler Gateway systems. The CVSS scoring indicates high potential impact on system confidentiality, integrity, and availability when exploited (NVD).

Citrix has released security bulletins addressing this vulnerability. Detailed mitigation information is available through the official Citrix support portal (Citrix Support).