ADC

Signature update version 77

September 21, 2023

Contributed by:

C S

New signatures rules are generated for the vulnerabilities identified in the week 2022-02-25. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 77 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, Citrix ADC 13.1 platforms.

Note:

Enabling Post body and Response body signature rules might affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule	CVE ID	Description
999034		WEB-WORDPRESS WordPress 5.9 - Stored XSS Vulnerability Via Page Excerpt in Json Object
999035		WEB-WORDPRESS WordPress 5.9 - Stored XSS Vulnerability Via Page Excerpt in Form
999036		WEB-WORDPRESS WordPress 5.9 - Stored XSS Vulnerability Via post.php
999037		WEB-WORDPRESS WordPress 5.9 - Stored XSS Vulnerability Via Post Excerpt in Json Object
999038		WEB-WORDPRESS WordPress 5.9 - Stored XSS Vulnerability Via Post Excerpt in Form
999039		WEB-MISC Path Traversal Vulnerability Via Form Field Values
999040		WEB-MISC Path Traversal Vulnerability Via URI
999041	CVE-2022-23221	WEB-MISC H2 Console Prior to 2.1.210 - Remote Code Execution Vulnerability Via test.do (CVE-2022-23221)
999042	CVE-2022-23221	WEB-MISC H2 Console Prior to 2.1.210 - Remote Code Execution Vulnerability Via login.do (CVE-2022-23221)
999043	CVE-2022-21662	WEB-WORDPRESS WordPress Prior to 5.8.3 - Stored Cross-Site Scripting Vulnerability (CVE-2022-21662)
999044	CVE-2022-0320	WEB-WORDPRESS The Essential Addons for Elementor Plugin Prior to 5.0.5 - LFI Via eael_product_gallery (CVE-2022-0320)
999045	CVE-2022-0320	WEB-WORDPRESS The Essential Addons for Elementor Plugin Prior to 5.0.5 - LFI Via woo_product_pagination_product (CVE-2022-0320)
999046	CVE-2022-0320	WEB-WORDPRESS The Essential Addons for Elementor Plugin Prior to 5.0.5 - LFI Via load_more (CVE-2022-0320)

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Signature update version 77

September 21, 2023

Contributed by:

C S

September 21, 2023

Contributed by:

C S

Signature update version 77

Signature version

Common Vulnerability Entry (CVE) insight

In this article