Signature update version 75
New signatures rules are generated for the vulnerabilities identified in the week 2022-01-20. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signature version 75 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0 platforms.
Note:
Enabling Post body and Response body signature rules might affect Citrix ADC CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
Signature rule | CVE ID | Description |
---|---|---|
999055 | CVE-2021-44224 | WEB-MISC Apache HTTP Server - Malformed UDS Vulnerability Via Forward and Reverse Proxy (CVE-2021-44224) |
999056 | CVE-2021-43815 | WEB-MISC Apache Grafana - TestData DB Data Source Path Traversal Vulnerability (CVE-2021-43815) |
999057 | CVE-2021-43813 | WEB-MISC Apache Grafana - Path Traversal Vulnerability Via Markdown (CVE-2021-43813) |
999058 | CVE-2021-43405 | WEB-MISC FusionPBX Prior to 4.5.30 - OS Command Injection Via fax_extension (CVE-2021-43405) |
999059 | CVE-2021-42392 | WEB-MISC H2 Console Prior to 2.0.206 - Remote Code Execution Vulnerability (CVE-2021-42392) |
999060 | CVE-2021-42362 | WEB-WORDPRESS Popular Post Plugin Prior to 5.3.3 - Arbitrary File Upload Vulnerability (CVE-2021-42362) |
999061 | CVE-2021-42129 | WEB-MISC Ivanti Avalanche Prior to 6.3.3 - OS Command Injection Vulnerability Via txtUpass (CVE-2021-42129) |
999062 | CVE-2021-42129 | WEB-MISC Ivanti Avalanche Prior to 6.3.3 - OS Command Injection Vulnerability Via txtUname (CVE-2021-42129) |
999063 | CVE-2021-42129 | WEB-MISC Ivanti Avalanche Prior to 6.3.3 - OS Command Injection Vulnerability Via txtUncPath (CVE-2021-42129) |
999064 | CVE-2021-40345 | WEB-MISC Nagios XI Prior to 5.8.6 - OS Command Injection Vulnerability Via Maliciously Crafted ZIP File (CVE-2021-40345) |
999065 | CVE-2021-37928 | WEB-MISC Zoho ManageEngine ADManager Plus Prior to 7110 - Unrestricted File Upload Vulnerability (CVE-2021-37928) |
999066 | CVE-2021-25037 | WEB-WORDPRESS All In One SEO Plugin Prior to 4.1.5.3 - SQL Injection Vulnerability Via objects REST API and rest_route |
999067 | CVE-2021-25037 | WEB-WORDPRESS All In One SEO Plugin Prior to 4.1.5.3 - SQL Injection Vulnerability Via objects REST API |
999068 | CVE-2021-25036 | WEB-WORDPRESS All In One SEO Plugin Prior to 4.1.5.3 - Privilege Escalation Vulnerability Via REST API and rest_route |
999069 | CVE-2021-25036 | WEB-WORDPRESS All In One SEO Plugin Prior to 4.1.5.3 - Privilege Escalation Vulnerability Via REST API |
999070 | CVE-2021-21917 | WEB-MISC Advantech R-SeeNet Prior to 2.4.17 - SQL Injection Vulnerability Via ord (CVE-2021-21917) |
999071 | CVE-2021-20040 | WEB-MISC SonicWall Secure Mobile Access - Arbitrary File Write Vulnerability (CVE-2021-20040) |
999072 | CVE-2021-20039 | WEB-MISC SonicWall Secure Mobile Access - Command Injection Vulnerability (CVE-2021-20039) |
Signature update version 75
Copied!
Failed!