Signature update version 48
New signatures rules are generated for the vulnerabilities identified in the week 2020-07-01. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signature version 48 is compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.
Citrix ADC version 12.0 has reached end of life (EOL). For more information, see release life cycle page.
Note:
Enabling Post body and Response body signature rules might affect Citrix ADC CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
| Signature rule | CVE ID | Description |
|---|---|---|
| 999563 | WEB-WORDPRESS Page Builder PageLayer plug-in Prior to 1.1.2 - cross-site scripting Vulnerability Via pagelayer_cf_to_email | |
| 999564 | WEB-WORDPRESS Page Builder PageLayer plug-in Prior to 1.1.2 - cross-site scripting Vulnerability Via pagelayer-phone | |
| 999565 | WEB-WORDPRESS Page Builder PageLayer plug-in Prior to 1.1.2 - cross-site scripting Vulnerability Via pagelayer-address | |
| 999566 | CVE-2020-1961 | WEB-MISC Apache Syncope - Server-Side Template Injection Vulnerability (CVE-2020-1961) |
| 999567 | CVE-2019-18935 | WEB-MISC Progress Telerik UI For ASP.NET AJAX - RadAsyncUpload .NET Deserialization Vulnerability (CVE-2019-18935) |
| 999568 | CVE-2020-9463 | WEB-MISC Centreon 19.10 - OS Command Injection Vulnerability (CVE-2020-9463) |
| 999569 | WEB-WORDPRESS Support Review plug-in Prior to 3.7.6 - Unauthenticated Stored Cross Site Scripting Vulnerability | |
| 999570 | WEB-WORDPRESS Page Builder PageLayer plug-in Prior to 1.1.2 - Improper Access Control Vuln Via pagelayer_save_template | |
| 999571 | WEB-WORDPRESS Page Builder PageLayer plug-in Prior to 1.1.2 - Improper Access Control Vuln Via pagelayer_update_site_title | |
| 999572 | WEB-WORDPRESS Page Builder PageLayer plug-in Prior to 1.1.2 - Improper Access Control Vuln Via pagelayer_save_content | |
| 999573 | WEB-WORDPRESS Drag And Drop Upload For Contact Form 7 Prior To 1.3.3.3 - Arbitrary File Extension Upload Vulnerability | |
| 999574 | CVE-2020-9314 | WEB-MISC Oracle iPlanet Web Server 7.0.x - Image Injection Vulnerability (CVE-2020-9314) |
| 999575 | CVE-2020-9484 | WEB-MISC Apache Tomcat Multiple Versions - Deserialization of Untrusted Data (CVE-2020-9484) |
| 999576 | CVE-2020-13252 | WEB-MISC Centreon Prior to 19.04.15 - Remote Code Execution Vulnerability (CVE-2020-13252) |
| 999577 | CVE-2020-11453 | WEB-MISC Microstrategy Web - CSRF Vulnerability Via SOAP (CVE-2020-11453) |
| 999578 | CVE-2020-11453 | WEB-MISC Microstrategy Web - CSRF Vulnerability (CVE-2020-11453) |
| 999579 | CVE-2020-7237 | WEB-MISC Cacti Prior to 1.2.8 - Remote Code Execution Vulnerability (CVE-2020-7237) |
Signature update version 48
Copied!
Failed!