Signature update version 100
New signatures rules are generated for the vulnerabilities identified in the week 2023-01-05. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signature version 100 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, Citrix ADC 13.1 platforms.
Note
Enabling Post body and Response body signature rules might affect Citrix ADC CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
| Signature rule | 简历E ID | Description |
|---|---|---|
| 998802 | 简历E-2022-47945 | WEB-MISC ThinkPHP - Language File Inclusion RCE Vulnerability Via Header (CVE-2022-47945) |
| 998803 | 简历E-2022-47945 | WEB-MISC ThinkPHP - Language File Inclusion RCE Vulnerability via Cookie (CVE-2022-47945) |
| 998804 | 简历E-2022-47945 | WEB-MISC ThinkPHP - Language File Inclusion RCE Vulnerability via Form (CVE-2022-47945) |
| 998805 | 简历E-2022-45462 | WEB-MISC Apache DolphinScheduler Prior to 2.0.6 - OS Command Injection Vulnerability (CVE-2022-45462) |
| 998806 | 简历E-2022-44635 | WEB-MISC Apache Fineract Prior to 1.8.1 - File Upload Path Traversal Vulnerability (CVE-2022-44635) |
| 998807 | 简历E-2022-43672 | WEB-MISC Zoho ManageEngine多个产品- SQLInjection Vulnerability (CVE-2022-43672) |
| 998808 | 简历E-2022-43671 | WEB-MISC Zoho ManageEngine多个产品- SQLInjection Vulnerability (CVE-2022-43671) |
| 998809 | 简历E-2022-41773 | WEB-MISC Delta DIAEnergie - SQL Injection Vulnerability Via CheckDIACloud (CVE-2022-41773) |
| 998810 | 简历E-2022-41351 | WEB-MISC Zimbra Collaboration Suite 8.8.15 - XSS vulnerability (CVE-2022-41351) |
| 998811 | 简历E-2022-41350 | WEB-MISC Zimbra Collaboration Suite 8.8.15 - XSS vulnerability (CVE-2022-41350) |
| 998812 | 简历E-2022-41133 | WEB-MISC Delta Electronics DIAEnergie - SQLi Vulnerability Via GetDIAE_line_message_settingsListParameters (CVE-2022-41133) |
| 998813 | 简历E-2022-40967 | WEB-MISC Delta Electronics DIAEnergie - SQL Injection Vulnerability Via CheckIoTHubNameExisted (CVE-2022-40967) |
| 998814 | 简历E-2022-34662 | WEB-MISC Apache DolphinScheduler Prior to 2.0.6 - Path Traversal Vulnerability (CVE-2022-34662) |
| 998815 | 简历E-2022-3383, CVE-2022-3384 | WEB-WORDPRESS WordPress Plugin Ultimate Member Prior to 2.5.2 - Command Injection Vulnerability (CVE-2022-3383, CVE-2022-3384) |
| 998816 | 简历E-2022-31698 | WEB-MISC VMWare vCenter Server Prior to 6.5U3u, 6.7.0U3s and 7.0U3i - Denial of Service Vulnerability (CVE-2022-31698) |
| 998817 | 简历E-2022-20867 | WEB-MISC Cisco Email Security Appliance - SQL Injection Vulnerability (CVE-2022-20867) |
Signature update version 100
Copied!
Failed!