ADC

Signature update version 139

New signatures rules are generated for the vulnerabilities identified in the week 2024-10-02. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 139 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, NetScaler 13.1, NetScaler 14.1 platforms.

Note

Enabling Post body and Response body signature rules might affect NetScaler CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
998418 CVE-2024-7591 WEB-MISC Progress LoadMaster Prior To 7.2.60.1 - Authenticated OS Command Injection Vulnerability (CVE-2024-7591)
998419 CVE-2024-6658 WEB-MISC Progress LoadMaster Prior To 7.2.60.1 - OS Command Injection Vulnerability (CVE-2024-6658)
998420 CVE-2024-5015 WEB-MISC WhatsUp Gold Prior To 2023.1.3 - SSRF Vulnerability (CVE-2024-5015)
998421 CVE-2024-45507 WEB-MISC Apache Ofbiz Prior to 18.12.16 - SSRF Vulnerability (CVE-2024-45507)
998422 CVE-2024-45195 WEB-MISC Apache Ofbiz Prior to 18.12.16 - Direct Request (‘Forced Browsing’) vulnerability (CVE-2024-45195)
998423 CVE-2024-29824 WEB-MISC Ivanti Endpoint Manager Prior To v2022 SU5 - SQL Injection RCE Vulnerability (CVE-2024-29824)
998424 CVE-2024-2448 WEB-MISC Progress LoadMaster - OS Command Injection Vulnerability (CVE-2024-2448)
998425 CVE-2024-1212 WEB-MISC Progress LoadMaster - Unauthenticated OS Command Injection Vulnerability via accessv2 (CVE-2024-1212)
998426 CVE-2024-1212 WEB-MISC Progress LoadMaster - Unauthenticated OS Command Injection Vulnerability via access (CVE-2024-1212)
Signature update version 139