ADC

Signature update version 105

New signatures rules are generated for the vulnerabilities identified in the week 2023-04-18. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 105 applicable for NetScaler 11.1, NetScaler 12.0, Citrix 12.1, Citrix 13.0, NetScaler 13.1, NetScaler 14.1 platforms.

Note

Enabling Post body and Response body signature rules might affect NetScaler CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
998722 CVE-2023-28432 WEB-MISC MinIO Prior to RELEASE.2023-03-20T20-16-18Z - Information Disclosure Vulnerability (CVE-2023-28432)
998723 CVE-2023-25802 WEB-MISC Roxy-WI Prior to 6.3.7.0 - Path Traversal Vulnerability (CVE-2023-25802)
998724 CVE-2023-23488 WEB-WORDPRESS Paid Memberships Pro Prior to 2.9.8 - REST_ROUTE Unauthenticated SQL Injection Vulnerability (CVE-2023-23488)
998725 CVE-2023-23488 WEB-WORDPRESS Paid Memberships Pro Prior to 2.9.8 - REST API Unauthenticated SQL Injection Vulnerability (CVE-2023-23488)
998726 CVE-2023-1658 WEB-MISC Contec CONPROSYS HMI System Prior to 3.5.2 - Pre-Auth SQL Injection Vulnerability (CVE-2023-1658)
998727 CVE-2023-0955 WEB-WORDPRESS WP Statistics Plugin Prior to 14.0 - REST_ROUTE SQL Injection Vulnerability Via ID (CVE-2023-0955)
998728 CVE-2023-0955 WEB-WORDPRESS WP Statistics Plugin Prior to 14.0 - REST API SQL Injection Vulnerability Via ID (CVE-2023-0955)
998729 CVE-2023-0955 WEB-WORDPRESS WP Statistics Plugin Prior to 14.0 - REST_ROUTE SQL Injection Vulnerability Via type (CVE-2023-0955)
998730 CVE-2023-0955 WEB-WORDPRESS WP Statistics Plugin Prior to 14.0 - REST API SQL Injection Vulnerability Via type (CVE-2023-0955)
998731 CVE-2023-0669 WEB-MISC Fortra GoAnywhere MFT Prior to 7.1.2 - Unauthenticated Remote Code Execution Vulnerability (CVE-2023-0669)
998732 CVE-2022-24697 WEB-MISC Apache Kylin - Command Injection Vulnerability Via Configuration Overwrites (CVE-2022-24697)
998733 CVE-2022-21587 WEB-MISC Oracle Web Applications Desktop Integrator - Path Traveral Vulnerability Via BneOfflineLOVService (CVE-2022-21587)
998734 CVE-2022-21587 WEB-MISC Oracle Web Applications Desktop Integrator - Path Traveral Vulnerability Via BneDownloadService (CVE-2022-21587)
998735 CVE-2022-21587 WEB-MISC Oracle Web Applications Desktop Integrator - Path Traveral Vulnerability Via BneViewerXMLService (CVE-2022-21587)
998736 CVE-2022-21587 WEB-MISC Oracle Web Applications Desktop Integrator - Path Traveral Vulnerability Via BneUploaderService (CVE-2022-21587)
Signature update version 105