NetScaler 10.5 to 12.0 affected by two TLS Vulnerabilities

Yesterday, Citrix released two Security Bulletins related to TLS vulnerabilities with Citrix NetScaler v10.5 up to 12.0. These are:

CTX230238 (CVE-2017-17382): TLS Padding Oracle Vulnerability in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway, and
CTX230612 (CVE-2017-17549): Information Disclosure in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway Client TLS Handshake – VPX only.

Citrix recommends a firmware update of all affected NetScaler / Gateway instances to these builds (or newer):

NSOS 11.0-71.18 HA Failover Issues With NetScaler 11.0 build 71.18, High Availability issues may rise:…
HDX Adaptive Transport & EDT When it comes to HDX Adaptvie Transport and EDT, there…
Current DDoS Attacks against Citrix ADC / Gateway Do you remeber December 2019? Or even early January 2020?…
Citrix Deployment Guides This post is intended to collect links and URLs related…
Citrix ADM 12.1 latest and 13.0 ADM is Citrix' Application Delivery Management, which allows continious network…
NetScaler and OpenSSL Many customer asked me, if those OpenSSL vulnerabilities found for…