ADC

Signature update version 125

New signatures rules are generated for the vulnerabilities identified in the week 2024-02-26. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 125 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, NetScaler 13.1, NetScaler 14.1 platforms.

Note

Enabling Post body and Response body signature rules might affect NetScaler CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
998532 CVE-2024-24830 WEB-MISC OpenObserve Prior to 0.8.0 - Privilege Escalation (CVE-2024-24830)
998533 CVE-2024-25106 WEB-MISC OpenObserve Prior to 0.8.0 - Unauthorized Access Vulnerability (CVE-2024-25106)
998534 CVE-2024-24747 WEB-MISC MinIO Prior to RELEASE.2024-01-31T20-20-33Z - Improper Privilege Management Vulnerability (CVE-2024-24747)
998535 CVE-2024-1709 WEB-MISC ConnectWise ScreenConnect Prior to 23.9.8 - Authentication Bypass Vulnerability (CVE-2024-1709)
998536 CVE-2024-1207 WEB-WORDPRESS WP Booking Calendar Plugin Prior to 9.9.1 - Unauthenticated SQL Injection Vulnerability (CVE-2024-1207)
998537 CVE-2024-0221 WEB-WORDPRESS Photo Gallery Up To 1.8.19 - Directory Traversal Vulnerability (CVE-2024-0221)
998538 CVE-2024-0221 WEB-WORDPRESS Photo Gallery Up To 1.8.19 - Directory Traversal Vulnerability (CVE-2024-0221)
998539 CVE-2023-46266 WEB-MISC Ivanti Avalanche Prior to 6.4.2 - Authentication Bypass Vulnerability (CVE-2023-46266)
998540 CVE-2023-46264 WEB-MISC Ivanti Avalanche Prior to 6.4.2 - Arbitrary File Upload Vulnerability (CVE-2023-46264)
998541 CVE-2023-46263 WEB-MISC Ivanti Avalanche Prior to 6.4.2 - Arbitrary File Upload Vulnerability (CVE-2023-46263)
998542 CVE-2023-46214 WEB-MISC Splunk Enterprise Prior to 9.0.7 and 9.1.2 - Insecure XML Parsing Vulnerability (CVE-2023-46214)
998543 CVE-2021-22962 WEB-MISC Ivanti Avalanche Prior to 6.4.2 - Authentication Bypass vulnerability (CVE-2021-22962)
Signature update version 125