Signature update version 106
New signatures rules are generated for the vulnerabilities identified in the week 2023-06-16. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signature version 106 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, NetScaler 13.1, NetScaler 14.1 platforms.
Note
Enabling Post body and Response body signature rules might affect NetScaler CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
Signature rule | CVE ID | Description |
---|---|---|
998690 | CVE-2023-34362 | WEB-MISC Progress MOVEit Transfer Multiple Versions - SQL Injection Vulnerability (CVE-2023-34362) |
998691 | CVE-2023-32243 | WEB-WORDPRESS WordPress Plugin Essential Addons for Elementor Up to 5.7.1 - Privilege Escalation Vulnerability (CVE-2023-32243) |
998692 | CVE-2023-29084 | WEB-MISC Zoho ManageEngine ADManager Plus Prior to 7181 - OS Command Injection Vulnerability (CVE-2023-29084) |
998693 | CVE-2023-29004 | WEB-MISC Roxy-WI Prior to 6.3.9.0 - Absolute Path Traversal Vulnerability (CVE-2023-29004) |
998694 | CVE-2023-27351 | WEB-MISC PaperCut NG - Authentication Bypass Vulnerability Via /autosetup/setStatus (CVE-2023-27351) |
998695 | CVE-2023-27351 | WEB-MISC PaperCut NG - Authentication Bypass Vulnerability vi /register or /registerCreate (CVE-2023-27351) |
998696 | CVE-2023-27351 | WEB-MISC PaperCut NG - Authentication Bypass Vulnerability via /keepalive (CVE-2023-27351) |
998697 | CVE-2023-27350 | WEB-MISC PaperCut NG - Authentication Bypass Vulnerability (CVE-2023-27350) |
998698 | CVE-2023-25812 | WEB-MISC MinIO Prior to RELEASE.2023-02-17T17-52-43Z - Improper Preservation of Permissions Vulnerability (CVE-2023-25812) |
998699 | CVE-2023-25812 | WEB-MISC MinIO Prior to RELEASE.2023-02-17T17-52-43Z - Improper Preservation of Permissions Vulnerability (CVE-2023-25812) |
998700 | CVE-2023-25803 | WEB-MISC Roxy-WI Prior to 6.3.6.0 - Path Traversal Vulnerability (CVE-2023-25803) |
998701 | CVE-2023-24031 | WEB-MISC Zimbra Collaboration Suite Prior to 9.0.0 P30 - XSS Vulnerability via clazz (CVE-2023-24031) |
998702 | CVE-2023-24031 | WEB-MISC Zimbra Collaboration Suite Prior to 9.0.0 P30 - XSS Vulnerability via altkey (CVE-2023-24031) |
998703 | CVE-2023-24031 | WEB-MISC Zimbra Collaboration Suite Prior to 9.0.0 P30 - XSS Vulnerability via title (CVE-2023-24031) |
998704 | CVE-2023-24031 | WEB-MISC Zimbra Collaboration Suite Prior to 9.0.0 P30 - XSS Vulnerability via counter (CVE-2023-24031) |
998705 | CVE-2023-2338 | WEB-MISC Pimcore prior to v10.5.21 - SQL Injection Vulnerability (CVE-2023-2338) |
998706 | CVE-2023-2336 | WEB-MISC Pimcore prior to v10.5.21 - Path Traversal Vulnerability (CVE-2023-2336) |
998707 | CVE-2023-22973 | WEB-MISC OpenEMR Prior to 7.0.0 - Local File Inclusion (LFI) (CVE-2023-22973) |
998708 | CVE-2023-21742 | WEB-MISC Microsoft SharePoint - Remote Code Execution Vulnerability (CVE-2023-21742) |
998709 | CVE-2023-20864 | WEB-MISC VMware Aria Operations for Logs 8.10.2 - Deserialization Vulnerability Via approveMembership (CVE-2023-20864) |
998710 | CVE-2023-20864 | WEB-MISC VMware Aria Operations for Logs 8.10.2 - Deserialization Vulnerability Via setToken (CVE-2023-20864) |
998711 | CVE-2023-20864 | WEB-MISC VMware Aria Operations for Logs 8.10.2 - Deserialization Vulnerability Via applyMembership (CVE-2023-20864) |
998712 | CVE-2023-1578 | WEB-MISC Pimcore prior to v10.5.19 - SQL Injection Vulnerability (CVE-2023-1578) |
998713 | CVE-2023-1406 | WEB-WORDPRESS JetEngine Plugin Prior to 3.1.3.1 - Remote Code Execution Vulnerability (CVE-2023-1406) |
998714 | CVE-2023-0315 | WEB-MISC Froxlor Remote Code Execution (CVE-2023-0315) |
998715 | CVE-2022-45030 | WEB-MISC rConfig 3.9.7 and Prior - SQL Injection Vulnerability (CVE-2022-45030) |
998716 | CVE-2022-43396 | WEB-MISC Apache Kylin - Command Injection Vulnerability Via Configuration Overwrites (CVE-2022-43396) |
998717 | CVE-2022-31700 | WEB-MISC VMware Workspace ONE Access - Remote Code Execution Vulnerability via Multipart (CVE-2022-31700) |
998718 | CVE-2022-31700 | WEB-MISC VMware Workspace ONE Access - Remote Code Execution Vulnerability via JSON (CVE-2022-31700) |
998719 | CVE-2022-2884, CVE-2022-2992, CVE-2022-2865 | WEB-MISC GitLab Multiple Versions - Remote Code Execution Vulnerability (CVE-2022-2884, CVE-2022-2992, CVE-2022-2865) |
998720 | CVE-2022-27926 | WEB-MISC Zimbra Collaboration Suite Prior to 9.0.0 P24 - XSS Vulnerability (CVE-2022-27926) |
998721 | CVE-2022-0824 | WEB-CGI Improper Access Control to Remote Code Execution in WebMin prior to 1.990 using the Authentic-Theme (CVE-2022-0824) |