Signature update version 59
New signatures rules are generated for the vulnerabilities identified in the week 2021-03-08. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signature version 59 is compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.
Citrix ADC version 12.0 has reached end of life (EOL). For more information, see release life cycle page.
Note:
Enabling Post body and Response body signature rules might affect Citrix ADC CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
Signature rule | CVE ID | Description |
---|---|---|
999313 | CVE-2021-25299 | WEB-MISC NagiosXI Up to 5.7.5 - XSS Vulnerability via url (CVE-2021-25299) |
999314 | CVE-2021-25298 | WEB-MISC NagiosXI Up to 5.7.5 - Remote Code Execution Vulnerability via DigitalOcean Wizard (CVE-2021-25298) |
999315 | CVE-2021-25297 | WEB-MISC NagiosXI Up to 5.7.5 - Remote Code Execution Vulnerability via Switch Wizard (CVE-2021-25297) |
999316 | CVE-2021-25296 | WEB-MISC NagiosXI Up to 5.7.5 - Remote Code Execution Vulnerability via WindowsWMI Wizard (CVE-2021-25296) |
999317 | CVE-2021-24164 | WEB-WORDPRESS Ninja Forms Plugin Prior to 3.4.34.1 - Information Disclosure Vulnerability (CVE-2021-24164) |
999318 | CVE-2021-24163 | WEB-WORDPRESS Ninja Forms Plugin Prior to 3.4.34 - Authorization Bypass Vulnerability (CVE-2021-24163) |
999319 | CVE-2021-21972 | WEB-MISC VMWare vCenter Server Plugin - Remote Code Execution Vulnerability (CVE-2021-21972) |
999320 | CVE-2020-35129 | WEB-MISC Mautic Prior to 3.2.4 - XSS Vulnerability Via New Social Monitoring Form (CVE-2020-35129) |
999321 | CVE-2020-35129 | WEB-MISC Mautic Prior to 3.2.4 - XSS Vulnerability Via Edit Social Monitoring Form (CVE-2020-35129) |
999322 | CVE-2020-35128 | WEB-MISC Mautic Prior to 3.2.4 - XSS Vulnerability Via New Companies Form (CVE-2020-35128) |
999323 | CVE-2020-35128 | WEB-MISC Mautic Prior to 3.2.4 - XSS Vulnerability Via Edit Companies Form (CVE-2020-35128) |
999324 | CVE-2020-35125 | WEB-MISC Mautic Prior to 3.2.4 - XSS Vulnerability Via Referer Header (CVE-2020-35125) |
999325 | CVE-2020-35125 | WEB-MISC Mautic Prior to 3.2.4 - XSS Vulnerability Via mauticform[return] (CVE-2020-35125) |
999326 | CVE-2020-13933 | WEB-MISC Apache Shiro Prior to 1.6.0 - Authentication Bypass Vulnerability Via Semicolon (CVE-2020-13933) |
999327 | CVE-2020-13921, CVE-2020-9483 | WEB-MISC Apache SkyWalking Prior to 8.4.0 - SQL Injection Vulnerability Via queryLogs Feature (CVE-2020-13921, CVE-2020-9483) |