Medium severity security update announced for NetScaler Gateway and NetScaler
Summary
Cloud Software Group released builds on November 11, 2025, to address one security vulnerability. NetScaler Gateway & NetScaler is affected by CVE 2025-12101, which has a CVSS score of 5.9. CVE 2025-12101 is a cross-site scripting vulnerability impacting NetScaler Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy, or AAA virtual server).
- NetScaler ADC and NetScaler Gateway 14.1 before 14.1-56.73
- NetScaler ADC and NetScaler Gateway 13.1 before 13.1-60.32
- NetScaler ADC 13.1-FIPS and NDcPP before 13.1-37.250-FIPS
- NetScaler ADC 12.1-FIPS and NDcPP before 12.1-55.333-FIPS
Official advisory · medium-confidence parse· fetched 5 days ago·verify at source
- 14.1-56.73
- 13.1-60.32
- 13.1-37.250-FIPS
- 12.1-55.333-FIPS
- 13.1-37.250
- 12.1-55.333
Official advisory · medium-confidence parse· fetched 5 days ago·verify at source
Mitigation checklist
- Upgrade to a fixed build: 14.1-56.73, 13.1-60.32, 13.1-37.250-FIPS, 12.1-55.333-FIPS, 13.1-37.250, 12.1-55.333 or later for your release line.
Official advisory · medium-confidence parse· fetched 5 days ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.