ADC

Signature update version 90

September 21, 2023

Contributed by:

C S

New signatures rules are generated for the vulnerabilities identified in the week 2022-07-30. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 90 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, Citrix ADC 13.1 platforms.

Note

Enabling Post body and Response body signature rules might affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule	CVE ID	Description
998929	CVE-2022-34871	WEB-MISC Centreon Prior to 21.10.6 - SQL Injection Vulnerability (CVE-2022-34871)
998930	CVE-2022-29846	WEB-MISC In Progress Ipswitch WhatsUp Gold - Information Disclosure Vulnerability (CVE-2022-29846)
998931	CVE-2022-29845	WEB-MISC In Progress Ipswitch WhatsUp Gold - Path Traversal Vulnerability (CVE-2022-29845)
998932	CVE-2022-28055	WEB-MISC FusionPBX Prior to 5.0.1 - Remote Code Execution Vulnerability (CVE-2022-28055)
998933	CVE-2022-26138	WEB-MISC Atlassian Questions For Confluence App - Hardcoded Credentials Vulnerability Via REST API (CVE-2022-26138)
998934	CVE-2022-26138	WEB-MISC Atlassian Questions For Confluence App - Hardcoded Credentials Vulnerability Via Login Form (CVE-2022-26138)
998935	CVE-2022-26135	WEB-MISC Jira Server and Data Center - Mobile Plugin Server-Side Request Forgery Vulnerability (CVE-2022-26135)
998936	CVE-2022-21445	WEB-MISC Oracle OBIEE ADF Faces - Deserialization of Untrusted Data Vulnerability (CVE-2022-21445)
998937	CVE-2022-2143	WEB-MISC Advantech iView Prior to 5.7.04.6469 - RCE Vulnerability Via NetworkServlet URI and fwfilename (CVE-2022-2143)
998938	CVE-2022-2143	WEB-MISC Advantech iView Prior to 5.7.04.6469 - RCE Vulnerability Via CommandServlet URI and fwfilename (CVE-2022-2143)
998939	CVE-2022-2143	WEB-MISC Advantech iView Prior to 5.7.04.6469 - RCE Vulnerability Via NetworkServlet URI and backup_filename (CVE-2022-2143)
998940	CVE-2022-2143	WEB-MISC Advantech iView Prior to 5.7.04.6469 - RCE Vulnerability Via CommandServlet URI and backup_filename (CVE-2022-2143)
998941	CVE-2022-2099	WEB-WORDPRESS WooCommerce Plugin Prior to 6.6.0 - Payment Gateway HTML Injection Vulnerability (CVE-2022-2099)

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Signature update version 90

September 21, 2023

Contributed by:

C S

September 21, 2023

Contributed by:

C S

Signature update version 90

Signature version

Common Vulnerability Entry (CVE) insight

In this article