ADC

Signature update version 102

New signatures rules are generated for the vulnerabilities identified in the week 2023-02-03. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 102 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, Citrix ADC 13.1 platforms.

Note

Enabling Post body and Response body signature rules might affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
998774 CVE-2022-47966 WEB-MISC Zoho ManageEngine Products - RCE Vulnerability Via XSL Transformations in SamlResponseServlet Endpoint (CVE-2022-47966)
998775 CVE-2022-47966 WEB-MISC Zoho ManageEngine Products - RCE Vulnerability Via XSL Transformations in samlLogin Endpoint (CVE-2022-47966)
998776 CVE-2022-47615 WEB-WORDPRESS LearnPress Plugin Up to 4.1.7.3.2 - REST_ROUTE Local File Inclusion Vulnerability (CVE-2022-47615)
998777 CVE-2022-47615 WEB-WORDPRESS LearnPress Plugin Up to 4.1.7.3.2 - REST API Local File Inclusion Vulnerability (CVE-2022-47615)
998778 CVE-2022-46169 WEB-MISC Cacti Server Prior to 1.2.23 - Command Injection (CVE-2022-46169)
998779 CVE-2022-45808 WEB-WORDPRESS LearnPress Plugin Prior to 4.2 - REST_ROUTE SQL Injection Vulnerability via order_by (CVE-2022-45808)
998780 CVE-2022-45808 WEB-WORDPRESS LearnPress Plugin Prior to 4.2 - REST API SQL Injection Vulnerability via order_by (CVE-2022-45808)
998781 CVE-2022-45808 WEB-WORDPRESS LearnPress Plugin Prior to 4.2 - REST_ROUTE SQL Injection Vulnerability via order (CVE-2022-45808)
998782 CVE-2022-45808 WEB-WORDPRESS LearnPress Plugin Prior to 4.2 - REST API SQL Injection Vulnerability via order (CVE-2022-45808)
998783 CVE-2022-44877 WEB-MISC Control Web Panel (CWP) 7 Prior to 0.9.8.1147 - OS Command Injection Vulnerability (CVE-2022-44877)
998784 CVE-2022-43473 WEB-MISC Zoho ManageEngine OpManager Prior to 126141 - XML External Entity Injection Vulnerability (CVE-2022-43473)
998785 CVE-2022-43447 WEB-MISC Delta Electronics DIAEnergie - SQL Injection Vulnerability in AM_EBillAnalysis Via txtPf (CVE-2022-43447)
998786 CVE-2022-43447 WEB-MISC Delta Electronics DIAEnergie - SQL Injection Vulnerability in AM_EBillAnalysis Via txtFav (CVE-2022-43447)
998787 CVE-2022-4323 WEB-WORDPRESS Google Analyticator Plugin Prior to 6.5.6 - PHP Object Injection Vulnerability (CVE-2022-4323)
998788 CVE-2022-42904 WEB-MISC Zoho ManageEngine ADManager Plus Prior to 7160 - OS Command Injection Vulnerability (CVE-2022-42904)
998789 CVE-2022-34271 WEB-MISC Apache Atlas Prior to 2.3.0 - Arbitrary File Upload Vulnerability (CVE-2022-34271)
Signature update version 102