Signature update version 78
New signature rules are generated for the vulnerabilities identified in the week of 2022-03-29. You can download and configure these signature rules to protect your appliance from attacks that target these vulnerabilities.
Signature version
Signature version 78 is applicable to the NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, and Citrix ADC 13.1 platforms.
Note:
Enabling Post body and Response body signature rules might affect Citrix ADC CPU usage.
Common Vulnerability Entry (CVE) insight
The following is a list of signature rules, their CVE IDs, and their descriptions.
Signature rule | CVE ID | Description |
---|---|---|
999006 | | WEB-MISC Zabbix Multiple Versions - Remote Code Execution Vulnerability Via items.php |
999007 | CVE-2022-24266 | WEB-MISC Cuppa CMS v1.0 - SQL Injection Vulnerability via order_orientation (CVE-2022-24266) |
999008 | CVE-2022-24266 | WEB-MISC Cuppa CMS v1.0 - SQL Injection Vulnerability via order_by (CVE-2022-24266) |
999009 | CVE-2022-22005 | WEB-MISC Microsoft SharePoint - RCE Via Deserialization of Untrusted Data Vulnerability (CVE-2022-22005) |
999010 | CVE-2022-21705 | WEB-MISC OctoberCMS Prior to Build 474 and v1.1.10 - Remote Code Execution Vulnerability (CVE-2022-21705) |
999011 | CVE-2022-0557 | WEB-MISC Microweber Prior to 1.2.11 - Remote Code Execution Vulnerability (CVE-2022-0557) |
999012 | CVE-2022-0513 | WEB-WORDPRESS WP Statistics Plugin Prior to 13.1.5 - Blind SQL Injection Vulnerability (CVE-2022-0513) |
999013 | CVE-2022-0332 | WEB-MISC Moodle 3.11.0 to 3.11.4 - H5P Activity SQL Injection Vulnerability (CVE-2022-0332) |
999014 | CVE-2021-46088 | WEB-MISC Zabbix Multiple Versions - Remote Code Execution Vulnerability (CVE-2021-46088) |
999015 | CVE-2021-43789 | WEB-MISC PrestaShop Prior to 1.7.8.2 - SQL Injection Vulnerability Via sortOrder (CVE-2021-43789) |
999016 | CVE-2021-43789 | WEB-MISC PrestaShop Prior to 1.7.8.2 - SQL Injection Vulnerability Via orderBy (CVE-2021-43789) |
999017 | CVE-2021-43408 | WEB-WORDPRESS Duplicate Post Plugin Prior to 1.1.9 - SQL Injection Vulnerability (CVE-2021-43408) |
999018 | CVE-2021-43319 | WEB-MISC Zoho ManageEngine NCM Prior to 125488 - OS Command Injection Vulnerability (CVE-2021-43319) |
999019 | CVE-2021-41282 | WEB-MISC pfSense 2.5.2 - Remote Code Execution Vulnerability (CVE-2021-41282) |
999020 | CVE-2021-39115, CVE-2021-43947 | WEB-MISC Atlassian Jira Server and Data Center - Server Side Template Injection Vulnerability (CVE-2021-39115, CVE-2021-43947) |
999021 | CVE-2021-38452 | WEB-MISC Moxa MXview Network Management Prior to 3.2.2 - Path Traversal Vulnerability (CVE-2021-38452) |
999022 | CVE-2021-37918 | WEB-MISC Zoho ManageEngine ADManager Plus Prior to 7111 - Path Traversal Vulnerability Via domainName (CVE-2021-37918) |
999023 | CVE-2021-37918 | WEB-MISC Zoho ManageEngine ADManager Plus Prior to 7111 - Path Traversal Vulnerability Via bm_operationId (CVE-2021-37918) |
999024 | CVE-2021-37918 | WEB-MISC Zoho ManageEngine ADManager Plus Prior to 7111 - RCE Via Arbitrary File Upload Vulnerability (CVE-2021-37918) |
999025 | CVE-2021-32649 | WEB-MISC OctoberCMS Prior to Build 473 and v1.1.6 - Remote Code Execution Vulnerability via Twig (CVE-2021-32649) |
999026 | CVE-2021-32648 | WEB-MISC OctoberCMS Prior to Build 472 and v1.1.5 - Password Reset Vulnerability (CVE-2021-32648) |
999027 | CVE-2021-32099, CVE-2020-26518 | WEB-MISC Artica Pandora Prior to 743 - SQL Injection Vulnerability Via chart_generator (CVE-2021-32099, CVE-2020-26518) |
999028 | CVE-2021-32098 | WEB-MISC Artica Pandora Prior to 743 - Phar Deserialization Vulnerability Via progressbubble (CVE-2021-32098) |
999029 | CVE-2021-32098 | WEB-MISC Artica Pandora Prior to 743 - Phar Deserialization Vulnerability Via progressbar (CVE-2021-32098) |
999030 | CVE-2021-30149 | WEB-MISC Composr 10.0.36 - Remote Code Execution Vulnerability (CVE-2021-30149) |
999031 | CVE-2021-25114 | WEB-WORDPRESS Paid Memberships Pro Plugin Prior to 2.6.7 - SQLi Vulnerability Via rest_route and discount_code (CVE-2021-25114) |
999032 | CVE-2021-25114 | WEB-WORDPRESS Paid Memberships Pro Plugin Prior to 2.6.7 - SQLi Vulnerability Via wp-json and discount_code (CVE-2021-25114) |
999033 | CVE-2021-21984 | WEB-MISC VMware vRealize Business for Cloud 7.x prior to 7.6.0 - Remote Code Execution Vulnerability (CVE-2021-21984) |