Signature update version 114

New signatures rules are generated for the vulnerabilities identified in the week 2023-10-05. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 114 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, NetScaler 13.1, NetScaler 14.1 platforms.

Note

Enabling Post body and Response body signature rules might affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
998601 CVE-2023-42793 WEB-MISC JetBrains TeamCity Prior to 2023.05.4 - Authentication Bypass Vulnerability (CVE-2023-42793)
998602 CVE-2023-40931 WEB-MISC NagiosXI Prior to 5.11.2 - SQL Injection Vulnerability (CVE-2023-40931)
998603 CVE-2023-40044 WEB-MISC Progress WS_FTP Server - Deserialization of Untrusted Data Vulnerability (CVE-2023-40044)
998604 CVE-2023-39362 WEB-MISC Cacti Prior To 1.2.25 - OS Command Injection Vulnerability (CVE-2023-39362)
998605 CVE-2023-39361 WEB-MISC Cacti Prior to 1.2.25 - SQL Injection Vulnerability (CVE-2023-39361)
998606 CVE-2023-39359 WEB-MISC Cacti Prior to 1.2.25 - SQL Injection Vulnerability (CVE-2023-39359)
998607 CVE-2023-39358 WEB-MISC Cacti Prior to 1.2.25 - SQL Injection Vulnerability via reports_admin (CVE-2023-39358)
998608 CVE-2023-39358 WEB-MISC Cacti Prior to 1.2.25 - SQL Injection Vulnerability via reports_user (CVE-2023-39358)
998609 CVE-2023-35813 WEB-MISC Sitecore Through 10.3 - Remote Code Execution Vulnerability (CVE-2023-35813)
998610 CVE-2023-20890 WEB-MISC VMware Aria Operations for Networks - Path Traversal Vulnerability Via infra API (CVE-2023-20890)
998611 CVE-2023-20890 WEB-MISC VMware Aria Operations for Networks - Path Traversal Vulnerability Via data-sources API (CVE-2023-20890)
998612 CVE-2022-43719 WEB-MISC Apache Superset Multiple Versions - CSRF Vulnerability (CVE-2022-43719)
998613 CVE-2022-40881 WEB-MISC Contec SolarView Compact Prior to 7.21 - OS Command Injection Vulnerability (CVE-2022-40881)
Signature update version 114