Checklist for NetScaler (Citrix ADC) CVE-2023-4966

Citrix issued an alert (10/10/2023) about a critical vulnerability (CVE-2023-4966) in all NetScaler (Citrix ADC) & Gateway systems. Several working exploits have been published.

Please note that simply updating the systems is not enough. The connection tokens must also be reset.

Important ! There are no patches for NetScaler (Citrix ADC) version 12.1 or older. These systems have reached their EOL and will therefore no longer be equipped with the necessary fix. In this case please update to the latest 13.0, 13.1 or 14.1 version.

The vulnerability allows anonymous remote code execution and thus unauthenticated attackers to take over various machines with root privileges.

Continue reading “Checklist for NetScaler (Citrix ADC) CVE-2023-4966”

SAML Authentication between Citrix & Microsoft with Azure MFA

Update to the latest cloud navigation.

As a result of increasing projects, here is a little how-to with the summary of my previous articles. The main points are:

  • Azure AD Seamless Single Sign-On (PTA / PHS)
  • SAML Authentication (Azure AD as IdP & Citrix Gateway as SP)
  • Citrix Federated Authentication Service (FAS)
  • Microsoft Azure Multi-Factor-Authentication with Conditional Access

Requirements

  • Fully working Citrix Virtual Apps and Desktop Environment (StoreFront & DDC Minimum Version 7.9)
  • NetScaler with successful base configuration & activated Enterprise or Platinum license (Minimum Version 12.1 Build 50+ for native workspace app, for browser Minimum Version 11.1)
  • Configured Unified Gateway vServer
  • Internal and external DNS entries for Unified Gateway vServer (e.g. citrix.deyda.net)
  • Certificates for DNS entries (wildcard certificates are the easiest)
  • Existing Azure Tenant with Azure-AD base configuration (Domain, AAD Sync) & activated Azure AD Premium license
  • AD Connect version installed and configured (Minimum Version 1.1.644.0)
  • Firewall release for *.msappproxy.net on port 443
  • Domain administrator credentials for the domains that connected to Azure AD via AD Connect
  • Installed Authenticator App on Test User Mobile Phone
Continue reading “SAML Authentication between Citrix & Microsoft with Azure MFA”

Checklist for NetScaler (Citrix ADC) CVE-2023-3519

Citrix issued an alert yesterday (07/18/2023) about a critical vulnerability (CVE-2023-3519) in all NetScaler (Citrix ADC) & Gateway systems. To date, no working exploits have been published.

Important ! There are no patches for NetScaler (Citrix ADC) version 12.1 or older. These systems have reached their EOL and will therefore no longer be equipped with the necessary fix. In this case please update to the latest 13.0 or 13.1 version.

The vulnerability allows anonymous remote code execution and thus unauthenticated attackers to take over various machines with root privileges.

As we hear from the Citrix community, more and more attacked systems are being found. The first exploits have also been available for purchase on the dark web for some time.

Continue reading “Checklist for NetScaler (Citrix ADC) CVE-2023-3519”

WEM Administration Console – Part 2 (System Optimization, Policies & Profiles and Security)

Current version is Workspace Environment Management 2206.

Workspace Environment Management 2206

In the following I will give an insight into the menu items System Optimization, Policies & Profiles and Security.

System Optimization, Policies & Profiles and Security

System Optimization

These settings are used to reduce resource usage on the host. They are used to free up resources and make them available for other applications, thereby increasing the user density per host.

While the System Optimization settings are machine-based and apply to all user sessions of a machine, the Process Optimization under CPU Management is user-based.

That is, when a process triggers CPU Spike Protection in user A’s session, the event is recorded and limited for user A only. When user B starts the same process, the behavior of process optimization is determined only by process triggers in user B’s session.

System Optimization CPU Management Memory Management I/O Management Fast Logoff Citrix Optimizer Multi-session Optimization
Continue reading “WEM Administration Console – Part 2 (System Optimization, Policies & Profiles and Security)”

WEM Administration Console – Part 1 (Actions, Filters & Assignments)

Current version is Workspace Environment Management 2206.

Workspace Environment Management 2206

Known problems

  • When VUEMRSAV.exe is used to display results on actions applied through an action group for the current user, the Applied Actions tab may display the wrong source of actions. [WEM – 20002]
Continue reading “WEM Administration Console – Part 1 (Actions, Filters & Assignments)”