ADC

Signature update version 119

New signatures rules are generated for the vulnerabilities identified in the week 2023-11-23. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 119 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, NetScaler 13.1, NetScaler 14.1 platforms.

Note

Enabling Post body and Response body signature rules might affect NetScaler CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
998579 CVE-2023-40934 WEB-MISC NagiosXI Prior to 5.11.2 - SQL Injection Vulnerability (CVE-2023-40934)
998580 CVE-2023-40932 WEB-MISC NagiosXI Prior to 5.11.2 - XSS Vulnerability (CVE-2023-40932)
998581 CVE-2023-40045 WEB-MISC Progress WS_FTP Server Prior to 8.7.4 and 8.8.2 - Ad Hoc Cross-Site Scripting Vulnerability
998582 CVE-2023-37265 WEB-MISC CasaOS Prior To 0.4.4 - Remote Code Execution Vulnerability via apps_restart (CVE-2023-37265)
998583 CVE-2023-37265 WEB-MISC CasaOS Prior To 0.4.4 - Remote Code Execution Vulnerability via /app_management/compose (CVE-2023-37265)
998584 CVE-2023-3256 WEB-MISC Advantech R-SeeNet Prior to 2.4.23 - Use of Hard-Coded Credentials Vulnerability (CVE-2023-3256)
998585 CVE-2023-28323 WEB-MISC Ivanti Endpoint Manager Up to 2022 Su3 - Deserialization of Untrusted Data Vulnerability (CVE-2023-28323)
998586 CVE-2023-1669 WEB-WORDPRESS WP SEOPress Plugin Prior To 6.5.0.3 - PHP Object Injection Vulnerability (CVE-2023-1669)
998587 CVE-2022-3214 WEB-MISC Delta Electronics DIAEnergie - Unauthenticated Arbitrary File Upload Via HandlerUploadCalendar (CVE-2022-3214)
998588 CVE-2022-3214 WEB-MISC Delta Electronics DIAEnergie - Unauthenticated Arbitrary File Upload Via HandlerUploadTag (CVE-2022-3214)
998589 CVE-2022-3214 WEB-MISC Delta Electronics DIAEnergie - Unauthenticated Arbitrary File Upload Via HandlerUploadCarbon (CVE-2022-3214)
998590 CVE-2022-27665 WEB-MISC Progress WS_FTP Server 8.6.0 - Cross-Site Scripting Vulnerability (CVE-2022-27665)
Signature update version 119