Signature update version 113
New signature rules are generated for the vulnerabilities identified in the week of 2023-09-22. You can download and configure these signature rules to protect your appliance from attacks that exploit these vulnerabilities.
Signature version
Signature version 113 is applicable to the NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, NetScaler 13.1, and NetScaler 14.1 platforms.
Note
Enabling Post body and Response body signature rules might affect Citrix ADC CPU usage.
Common Vulnerability Entry (CVE) insight
The following is a list of signature rules, CVE IDs, and their descriptions.
Signature rule | CVE ID | Description |
---|---|---|
998614 | CVE-2023-38035 | WEB-MISC Ivanti Sentry Up To 9.18.0 - Incorrect Authorization Vulnerability via /asproxy/services/ (CVE-2023-38035) |
998615 | CVE-2023-38035 | WEB-MISC Ivanti Sentry Up To 9.18.0 - Incorrect Authorization Vulnerability via /mics/services/ (CVE-2023-38035) |
998616 | CVE-2023-36846 | WEB-MISC Juniper JunOS SRX - Missing Authentication for Critical Function Vulnerability Via webauth_operation (CVE-2023-36846) |
998617 | CVE-2023-3486 | WEB-MISC PaperCut NG Prior to 22.1.3 - Unrestricted File Upload Vulnerability (CVE-2023-3486) |
998618 | CVE-2023-34468, CVE-2023-40037 | WEB-MISC Apache NiFi Multiple Versions - Command Injection Vulnerability (CVE-2023-34468, CVE-2023-40037) |
998619 | CVE-2023-33653 | WEB-MISC Sitecore - Remote Code Execution Vulnerability (CVE-2023-33653) |
998620 | CVE-2023-33224, CVE-2023-23843 | WEB-MISC SolarWinds Orion Platform Prior to 2023.3 - Remote Code Execution Vulnerability (CVE-2023-33224, CVE-2023-23843) |
998621 | CVE-2023-32566 | WEB-MISC Ivanti Avalanche - SecureFilter Authentication Bypass Vulnerability (CVE-2023-32566) |
998622 | CVE-2023-32562 | WEB-MISC Ivanti Avalanche Prior to 6.4.1 - Unrestricted File Upload Vulnerability (CVE-2023-32562) |
998623 | CVE-2023-32315 | WEB-MISC Ignite Realtime Openfire - Path Traversal Vulnerability (CVE-2023-32315) |
998624 | CVE-2023-28128 | WEB-MISC Ivanti Avalanche Prior to 6.4.0 - Unrestricted Upload Vulnerability (CVE-2023-28128) |
998625 | CVE-2023-27066 | WEB-MISC Sitecore Up To 10.2 - Path Traversal Vulnerability (CVE-2023-27066) |
998626 | CVE-2022-23333 | WEB-MISC Contec SolarView Compact Prior to 7.21 - OS Command Injection Vulnerability (CVE-2022-23333) |
998627 | CVE-2022-37044 | WEB-MISC Zimbra Collaboration Suite Prior to 8.8.15 P33 - XSS Vulnerability via onload (CVE-2022-37044) |
998628 | CVE-2022-37044 | WEB-MISC Zimbra Collaboration Suite Prior to 8.8.15 P33 - XSS Vulnerability via extra (CVE-2022-37044) |
998629 | CVE-2022-37044 | WEB-MISC Zimbra Collaboration Suite Prior to 8.8.15 P33 - XSS Vulnerability via title (CVE-2022-37044) |
998630 | CVE-2022-24086 | WEB-MISC Adobe Magento - Arbitrary Code Execution Vulnerability Via wishlist (CVE-2022-24086) |
998631 | CVE-2022-24086 | WEB-MISC Adobe Magento - Arbitrary Code Execution Vulnerability via checkout (CVE-2022-24086) |