Signature update version 68
New signatures rules are generated for the vulnerabilities identified in the week 2021-09-11. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signature version 68 is compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.
Citrix ADC version 12.0 has reached end of life (EOL). For more information, see release life cycle page.
Note:
Enabling Post body and Response body signature rules might affect Citrix ADC CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
Signature rule | CVE ID | Description |
---|---|---|
999163 | CVE-2021-37556 | WEB-MISC Centreon Multiple Versions - SQL Injection Vulnerability Via End Parameter (CVE-2021-37556) |
999164 | CVE-2021-37556 | WEB-MISC Centreon Multiple Versions - SQL Injection Vulnerability Via Start Parameter (CVE-2021-37556) |
999165 | CVE-2021-37353 | WEB-MISC Nagios XI Docker Wizard Prior to 1.1.3 - SSRF Vulnerability Via host Parameter Without URI Scheme (CVE-2021-37353) |
999166 | CVE-2021-37353 | WEB-MISC Nagios XI Docker Wizard Prior to 1.1.3 - SSRF Vulnerability Via host Parameter With URI Scheme (CVE-2021-37353) |
999167 | CVE-2021-34638 | WEB-WORDPRESS Download Manager Plugin Prior to 3.1.25 - Directory Traversal Vulnerability (CVE-2021-34638) |
999168 | CVE-2021-33766 | WEB-MISC Microsoft Exchange Server - Information Disclosure Vulnerability (CVE-2021-33766) |
999169 | CVE-2021-32682 | WEB-MISC elFinder Prior To 2.1.59 - Command Injection Vulnerability Via Archive (CVE-2021-32682) |
999170 | CVE-2021-26084 | WEB-MISC Confluence Server and Data Center - OGNL Injection Vulnerability Via doenterpagevariables (CVE-2021-26084) |
999171 | CVE-2021-26084 | WEB-MISC Confluence Server and Data Center - OGNL Injection Vulnerability Via createpage-entervariables (CVE-2021-26084) |
999172 | CVE-2021-23394 | WEB-MISC elFinder Prior To 2.1.59 - Remote Code Execution Vulnerability Via Phar Makefile (CVE-2021-23394) |
999173 | CVE-2021-23394 | WEB-MISC elFinder Prior To 2.1.59 - Remote Code Execution Vulnerability Via Phar Rename (CVE-2021-23394) |
999174 | CVE-2021-23394 | WEB-MISC elFinder Prior To 2.1.59 - Remote Code Execution Vulnerability Via Phar Upload (CVE-2021-23394) |
999175 | CVE-2020-36289 | WEB-MISC Atlassian Jira Server - Information Disclosure Vulnerability Via QueryComponentRendererValue (CVE-2020-36289) |
999176 | CVE-2020-16245 | WEB-MISC Advantech iView Prior to 5.7.03.6112 - Path Traversal Vulnerability Via findSummaryCfgDeviceListExport (CVE-2020-16245) |
999177 | CVE-2020-16245 | WEB-MISC Advantech iView Prior to 5.7.03.6112 - Path Traversal Vulnerability Via findUpdateDeviceListExport (CVE-2020-16245) |
999178 | CVE-2020-13774 | WEB-MISC Ivanti Endpoint Manager Multiple Versions - RCE Vulnerability Via EditLaunchPadDialog.aspx (CVE-2020-13774) |
999179 | CVE-2020-1147 | WEB-MISC Microsoft SharePoint Server - Remote Code Execution Vulnerability Via Custom Page (CVE-2020-1147) |
999180 | CVE-2020-1147 | WEB-MISC Microsoft SharePoint Server - Remote Code Execution Vulnerability Via quicklinksdialogform.aspx (CVE-2020-1147) |
999181 | CVE-2020-1147 | WEB-MISC Microsoft SharePoint Server - Remote Code Execution Vulnerability Via quicklinks.aspx (CVE-2020-1147) |
999182 | CVE-2020-11110 | WEB-MISC Apache Grafana Up to 6.7.1 - XSS Vulnerability (CVE-2020-11110) |
999522 | CVE-2020-13379 | WEB-MISC Grafana 3.0.1 Through 7.0.1 - CSRF Bypass Leading To DOS Vulnerability (CVE-2020-13379) |