Signature update version 93
New signatures rules are generated for the vulnerabilities identified in the week 2022-10-02. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signature version 93 applicable for NetScaler 11.1, NetScaler 12.0, NetScaler 12.1, NetScaler 13.0, NetScaler 13.1 platforms.
Note
Enabling Post body and Response body signature rules might affect NetScaler CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
| Signature rule | CVE ID | Description |
|---|---|---|
| 998871 | CVE-2022-41082, CVE-2022-41040 | WEB-MISC Microsoft Exchange Server - RCE Vulnerability (CVE-2022-41082, CVE-2022-41040) |
| 998872 | CVE-2022-37299 | WEB-MISC Shirne CMS 1.2.0 - Path Traversal Vulnerability Via /static/ueditor/php/controller.php (CVE-2022-37299) |
| 998873 | CVE-2022-36923 | WEB-MISC Zoho ManageEngine Multiple Products Multiple Versions - Authentication Bypass Vulnerability (CVE-2022-36923) |
| 998874 | CVE-2022-33891 | WEB-MISC Apache Spark UI Multiple Versions - Remote Code Execution Vulnerability Via doAs Parameter (CVE-2022-33891) |
| 998875 | CVE-2022-3184, CVE-2022-3183 | WEB-MISC DataProbe iBoot-PDU Prior to 1.42.06162022 - Remote Code Execution Vulnerability (CVE-2022-3184, CVE-2022-3183) |
| 998876 | CVE-2022-31814 | WEB-MISC pfSense pfBlockerNG Prior to 2.1.4_26 - Remote Code Execution Vulnerability (CVE-2022-31814) |
| 998877 | CVE-2022-31097 | WEB-MISC Apache Grafana - Unified Alerting Stored XSS Vulnerability (CVE-2022-31097) |
| 998878 | CVE-2022-2903 | WEB-WORDPRESS NinjaForms Plugin Prior to 3.6.13 - PHP Object Injection Vulnerability (CVE-2022-2903) |
| 998879 | CVE-2022-2552 | WEB-WORDPRESS Duplicator Plugin Prior to 1.4.7.1 - Unauthenticated Information Disclosure Vulnerability (CVE-2022-2552) |
| 998880 | CVE-2022-23854 | WEB-MISC AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal Vulnerability Via SG URI (CVE-2022-23854) |
| 998881 | CVE-2022-23854 | WEB-MISC AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal Vulnerability Via Blaze URI (CVE-2022-23854) |
| 998882 | CVE-2022-23854 | WEB-MISC AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal Vulnerability Via AccessAnywhere URI (CVE-2022-23854) |
| 998883 | CVE-2017-9841 | WEB-MISC PHPUnit Before 4.8.28 and 5.x Before 5.6.3 - Remote Code Execution Vulnerability Via eval-stdin.php (CVE-2017-9841) |
Consolidated and updated signature rules
A few redundant signature rules are deleted and the CVE IDs of these rules are consolidated in the updated rules. Make sure to enable the corresponding signature rules for each deleted rule.
The following table lists the consolidated and updated signature rule IDs:
| Deleted Signature Rules | Updated Signature Rules | CVE ID |
|---|---|---|
| 1242 | 1243 | CVE-2000-0071 |
| 1245 | 1244 | CVE-2000-0071 |
| 1589 | 1221 | CVE-2001-0224, NESSUS-10609 |
| 1648 | 832 | CVE-1999-0509, NESSUS-10173, www.cert.org/advisories/CA-1996-11.html
|
| 1700 | 821 | CVE-1999-0951, NESSUS-10122 |
| 2598 | 2597 | CVE-2004-0600 |
| 999779 | 999721 | CVE-2019-14994 |
| 999861 | 999859 | CVE-2019-12099 |
| 999862 | 999857 | https://www.wordfence.com/blog/2019/05s-command-injection-vulnerability-patched-in-wp-database-backup-plugin/ |
| 999863 | 999858 | https://www.wordfence.com/blog/2019/05/privilege-escalation-flaw-present-in-slick-popup-plugin/ |
Signature update version 93
Copied!
Failed!