Signature update version 104
New signatures rules are generated for the vulnerabilities identified in the week 2023-03-28. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signature version 104 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, Citrix ADC 13.1 platforms.
Note
Enabling Post body and Response body signature rules might affect Citrix ADC CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
| Signature rule | CVE ID | Description |
|---|---|---|
| 998737 | CVE-2023-25135 | WEB-MISC vBulletin Mutiple Version - PHP Object Injection Vulnerability via searchprefs (CVE-2023-25135) |
| 998738 | CVE-2023-25135 | WEB-MISC vBulletin Mutiple Version - PHP Object Injection Vulnerability via pmfolders (CVE-2023-25135) |
| 998739 | CVE-2023-25135 | WEB-MISC vBulletin Mutiple Version - PHP Object Injection Vulnerability via subfolders (CVE-2023-25135) |
| 998740 | CVE-2023-23752 | WEB-MISC Joomla! 4.x up to 4.2.7 - API Improper Access Check Vulnerability (CVE-2023-23752) |
| 998741 | CVE-2023-22974 | WEB-MISC OpenEMR Prior To 7.0.0 - Information Disclosure Vulnerability (CVE-2023-22974) |
| 998742 | CVE-2023-22952 | WEB-MISC SugarCRM before 12.0 Hotfix 91155 - EmailTemplates PHP Code Injection Vulnerability (CVE-2023-22952) |
| 998743 | CVE-2023-22374 | WEB-MISC F5 BIG-IP Multiple Versions - Format String Vulnerability (CVE-2023-22374) |
| 998744 | CVE-2023-20858 | WEB-MISC VMware Carbon Black App Control Multiple Versions - SQL Injection Vulnerability (CVE-2023-20858) |
| 998745 | CVE-2022-47002, CVE-2022-47003 | WEB-MISC Mura CMS and Masa CMS - Authentication Bypass Vulnerability (CVE-2022-47002, CVE-2022-47003) |
| 998746 | CVE-2022-4506 | WEB-MISC OpenEMR Prior To 7.0.0.2 - Arbitrary File Upload Vulnerability (CVE-2022-4506) |
| 998747 | CVE-2022-44298 | WEB-MISC SiteServer CMS Prior to 7.2.0 - SQL Injection Vulnerability (CVE-2022-44298) |
| 998748 | CVE-2022-44297 | WEB-MISC SiteServer CMS Prior to 7.2.0 - SQL Injection Vulnerability (CVE-2022-44297) |
| 998749 | CVE-2022-43709 | WEB-MISC MyBB Prior to 1.8.32 - SQL Injection Vulnerability (CVE-2022-43709) |
| 998750 | CVE-2022-40300 | WEB-MISC Zoho ManageEngine PasswordManagerPro, PAM360 and AccessManagerPlus have SQL injection vulnerabilities.(CVE-2022-40300) |
| 998751 | CVE-2022-36633 | WEB-MISC Teleport 9.3.6 - Command Injection (CVE-2022-36633) |
| 998752 | CVE-2022-35947 | WEB-MISC GLPI Up to 10.0.2 - SQL Injection Vulnerability via JSON (CVE-2022-35947) |
| 998753 | CVE-2022-35947 | WEB-MISC GLPI Up to 10.0.2 - SQL Injection Vulnerability via Form (CVE-2022-35947) |
| 998754 | CVE-2022-35914 | WEB-MISC GLPI Up to 10.0.2 - PHP Code Injection Vulnerability in htmLawedTest (CVE-2022-35914) |
| 998755 | CVE-2022-30547 | WEB-MISC WWBN AVideo Path Travesal (CVE-2022-30547) |
| 998756 | CVE-2022-24734 | WEB-MISC MyBB Prior to 1.8.30 - Remote Code Execution Vulnerability (CVE-2022-24734) |
| 998757 | CVE-2020-17496 | WEB-MISC vBulletin 5.5.4 through 5.6.2 - Remote Code Execution Vulnerability via routestring (CVE-2020-17496) |
| 998758 | CVE-2020-17496 | WEB-MISC vBulletin 5.5.4 through 5.6.2 - Remote Code Execution Vulnerability (CVE-2020-17496) |
| 998759 | CVE-2019-16759 | WEB-MISC vBulletin 5.x through 5.5.4 - Remote Code Execution Vulnerability via routestring (CVE-2019-16759) |
| 998760 | CVE-2019-16759 | WEB-MISC vBulletin 5.x through 5.5.4 - Remote Code Execution Vulnerability (CVE-2019-16759) |
Signature update version 104
Copied!
Failed!