Signature update version 101
New signatures rules are generated for the vulnerabilities identified in the week 2023-01-24. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signature version 101 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, Citrix ADC 13.1 platforms.
Note
Enabling Post body and Response body signature rules might affect Citrix ADC CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
| Signature rule | CVE ID | Description |
|---|---|---|
| 998790 | CVE-2022-43452 | WEB-MISC Delta Electronics DIAEnergie - SQL Injection Vulnerability Via Data Item Row Deletion (CVE-2022-43452) |
| 998791 | CVE-2022-43452 | WEB-MISC Delta Electronics DIAEnergie - SQL Injection Vulnerability Via Data Type Row Deletion (CVE-2022-43452) |
| 998792 | CVE-2022-41080 | WEB-MISC Microsoft Exchange Server - OWA Server Side Request Forgery Vulnerability (CVE-2022-41080) |
| 998793 | CVE-2022-40309 | WEB-MISC Apache Archiva Prior to 2.2.9 - Arbitrary Directory Removal Vulnerability (CVE-2022-40309) |
| 998794 | CVE-2022-40308 | WEB-MISC Apache Archiva Prior to 2.2.9 - Arbitrary File Read Vulnerability (CVE-2022-40308) |
| 998795 | CVE-2022-36962 | WEB-MISC SolarWinds Platform Prior to 2022.4 - RCE Vulnerability Via SaveToDisk Create or Update (CVE-2022-36962) |
| 998796 | CVE-2022-36962 | WEB-MISC SolarWinds Platform Prior to 2022.4 - RCE Vulnerability Via EmailUrl Create or Update (CVE-2022-36962) |
| 998797 | CVE-2022-3361 | WEB-WORDPRESS WordPress Plugin Ultimate Member Prior to 2.5.1 - Directory Traversal (CVE-2022-3361) |
| 998798 | CVE-2022-24254 | WEB-MISC Extensis Portfolio Prior to 4.0.1 - Arbitrary File Upload Vulnerability Via Backup Restore (CVE-2022-24254) |
| 998799 | CVE-2022-24253 | WEB-MISC Extensis Portfolio Prior to 4.0.1 - Path Traversal Vulnerability Via brandingUpload (CVE-2022-24253) |
| 998800 | CVE-2022-0224 | WEB-MISC Dolibarr Prior to 14.0.6 - SQL Injection Vulnerability (CVE-2022-0224) |
| 998801 | CVE-2021-35232 | WEB-MISC SolarWinds Web Help Desk Prior to 12.7.7 Hotfix 1 - Use of Hard-Coded Credentials Vulnerability (CVE-2021-35232) |
Signature update version 101
Copied!
Failed!