Signature update version 120
New signatures rules are generated for the vulnerabilities identified in the week 2023-12-19. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signature version 120 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, NetScaler 13.1, NetScaler 14.1 platforms.
Note
Enabling Post body and Response body signature rules might affect NetScaler CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
Signature rule | CVE ID | Description |
---|---|---|
998559 | CVE-2023-50164 | WEB-STRUTS Apache Struts Prior to 6.3.0.2 - Path Traversal Vulnerability (CVE-2023-50164) |
998560 | CVE-2023-49105 | WEB-MISC ownCloud Prior to 10.13.1 - Access Control Bypass Vulnerability (CVE-2023-4105) |
998561 | CVE-2023-49103 | WEB-MISC ownCloud Multiple Versions - Information Disclosure Vulnerability (CVE-2023-49103) |
998562 | CVE-2023-47246 | WEB-MISC SysAid Server On-Premise Prior to 23.3.36 - Path Traversal Vulnerability (CVE-2023-47246) |
998563 | CVE-2023-46509 | WEB-MISC Contec SolarView Compact 6.0 and Prior - OS Command Injection Vulnerability (CVE-2023-46509) |
998564 | CVE-2023-44450 | WEB-MISC NETGEAR ProSAFE Network Management System Prior to 1.7.0.31 - SQL Injection Vulnerability (CVE-2023-44450) |
998565 | CVE-2023-44449 | WEB-MISC NETGEAR ProSAFE Network Management System Prior to 1.7.0.31 - SQL Injection Vulnerability (CVE-2023-44449) |
998566 | CVE-2023-44351, CVE-2023-44353 | WEB-MISC Adobe ColdFusion - Deserialization of Untrusted Data Vulnerability (CVE-2023-44351, CVE-2023-44353) |
998567 | CVE-2023-43177 | WEB-MISC CrushFTP Prior to 10.5.1 - Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2023-43177) |
998568 | CVE-2023-40062 | WEB-MISC SolarWinds Orion Prior to 2023.4.0 - Improper Input Validation Vulnerability Via TestAction (CVE-2023-40062) |
998569 | CVE-2023-40062 | WEB-MISC SolarWinds Orion Prior to 2023.4.0 - Improper Input Validation Vulnerability Via /api/WriteToFile/ (CVE-2023-40062) |
998570 | CVE-2023-40055 | WEB-MISC SolarWinds NCM Prior to 2023.4.1 - Directory Traversal Vulnerability Via SaveResultsToFile (CVE-2023-40055) |
998571 | CVE-2023-40054 | WEB-MISC SolarWinds NCM Prior to 2023.4.1 - Directory Traversal Vulnerability Via txtConfigTemplate (CVE-2023-40054) |
998572 | CVE-2023-40054 | WEB-MISC SolarWinds NCM Prior to 2023.4.1 - Directory Traversal Vulnerability Via txtPath (CVE-2023-40054) |
998573 | CVE-2023-39912 | Zoho ADManager Plus Prior to 7203 - Directory traversal Vulnerability (CVE-2023-39912) |
998574 | CVE-2023-35150 | WEB-MISC XWiki Multiple Versions - Arbitrary Code Injection Vulnerability (CVE-2023-35150) |
998575 | CVE-2023-32707 | WEB-MISC Splunk Enterprise - Escalation of Privileges Vulnerability (CVE-2023-32707) |
998576 | CVE-2023-30943 | WEB-MISC Moodle Prior to 4.1.3 - TinyMCE Loaders Stored Cross-Site Scripting Vulnerability Via loader (CVE-2023-30943) |
998577 | CVE-2023-30943 | WEB-MISC Moodle Prior to 4.1.3 - TinyMCE Loaders Stored Cross-Site Scripting Vulnerability Via lang (CVE-2023-30943) |
998578 | CVE-2023-2943 | WEB-MISC OpenEMR Prior to 7.0.1 - HTML Code Injection Vulnerability (CVE-2023-2943) |