Signature update version 46
New signatures rules are generated for the vulnerabilities identified in the week 2020-06-03. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signatures are compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.
NetScaler version 12.0 has reached end of life (EOL). For more information, see release life cycle page.
Note:
Enabling Post body and Response body signature rules might affect NetScaler CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
Signature rule | CVE ID | Description |
---|---|---|
999643 | WEB-WORDPRESS 10Web Map Builder for Google Maps plug-in Prior to 10.0.64 - Unauthenticated cross-site scripting Vulnerability Via gmwd_setup Page | |
999644 | WEB-WORDPRESS 10Web Map Builder for Google Maps plug-in 10.0.64 and Prior - cross-site scripting Vulnerability Via options_gmwd Page | |
999645 | CVE-2020-5187 | WEB-MISC DNN Up To 9.4.4 - Path Traversal Vulnerability Via URL (CVE-2020-5187) |
999646 | CVE-2020-5187 | WEB-MISC DNN Up To 9.4.4 - Path Traversal Vulnerability Via Local (CVE-2020-5187) |
999647 | CVE-2020-9335 | WEB-WORDPRESS Photo Gallery plug-in Prior to 1.5.46 - cross-site scripting Vulnerability Via image_alt_text_ Field (CVE-2020-9335) |
999648 | CVE-2020-9335 | WEB-WORDPRESS Photo Gallery plug-in Prior to 1.5.46 - cross-site scripting Vulnerability Via Name Field (CVE-2020-9335) |
999649 | CVE-2020-9335 | WEB-WORDPRESS Photo Gallery plug-in Prior to 1.5.46 - cross-site scripting Vulnerability Via Description Fields (CVE-2020-9335) |
999650 | CVE-2020-10189 | WEB-MISC Zoho ManageEngine Desktop Central Prior to 10.0.479 - Unauthenticated Remote Code Execution Vuln (CVE-2020-10189) |
999651 | CVE-2020-10189 | WEB-MISC Zoho ManageEngine Desktop Central Prior to 10.0.479 - Unauthenticated Arbitrary File Upload Vuln (CVE-2020-10189) |
999652 | WEB-WORDPRESS Flexible Checkout Fields for WooCommerce plug-in Prior to 2.3.2 - Unauthenticated Settings Modification Vuln | |
999653 | CVE-2020-0688 | WEB-MISC Microsoft Exchange Server - Validation Key Remote Code Execution Vulnerability (CVE-2020-0688) |
999654 | CVE-2020-8947, CVE-2019-20224 | WEB-MISC Artica Pandora FMS 7.0 - Remote Code Execution Vulnerability Via ip_src Parameter (CVE-2020-8947, CVE-2019-20224) |
999655 | CVE-2020-8947, CVE-2019-20224 | WEB-MISC Artica Pandora FMS 7.0 - Remote Code Execution Vulnerability Via dst_port Parameter (CVE-2020-8947, CVE-2019-20224) |
999656 | CVE-2020-8947, CVE-2019-20224 | WEB-MISC Artica Pandora FMS 7.0 - Remote Code Execution Vulnerability Via src_port Parameter (CVE-2020-8947, CVE-2019-20224) |
999657 | CVE-2020-8947, CVE-2019-20224 | WEB-MISC Artica Pandora FMS 7.0 - Remote Code Execution Vulnerability Via ip_dst Parameter (CVE-2020-8947, CVE-2019-20224) |
999658 | CVE-2020-5186 | WEB-MISC DNN Up To 9.5.0 - Cross Site Scripting Vulnerability Via Journal XML Upload (CVE-2020-5186) |
999659 | WEB-WORDPRESS WP Sitemap Page plug-in 1.6.2 and Prior - cross-site scripting Vulnerability Via wsp_exclude_pages | |
999660 | CVE-2020-5188 | WEB-MISC DNN Up To 9.5.0 - Insecure Permissions Vulnerability Via UploadFromUrl (CVE-2020-5188) |
999661 | CVE-2020-5188 | WEB-MISC DNN Up To 9.5.0 - Insecure Permissions Vulnerability Via UploadFromLocal (CVE-2020-5188) |
999662 | CVE-2020-7799 | WEB-MISC FusionAuth Prior To 1.11.0 - Remote Code Execution Vulnerability Via API Theme (CVE-2020-7799) |
999663 | CVE-2020-7799 | WEB-MISC FusionAuth Prior To 1.11.0 - Remote Code Execution Vulnerability Via API Email Template (CVE-2020-7799) |
999664 | CVE-2020-7799 | WEB-MISC FusionAuth Prior To 1.11.0 - Remote Code Execution Vulnerability Via GUI Theme (CVE-2020-7799) |
999665 | CVE-2020-7799 | WEB-MISC FusionAuth Prior To 1.11.0 - Remote Code Execution Vulnerability Via GUI Email Template (CVE-2020-7799) |