Signature update version 136

New signatures rules are generated for the vulnerabilities identified in the week 2024-08-20. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 136 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, NetScaler 13.1, NetScaler 14.1 platforms.

Note

Enabling Post body and Response body signature rules might affect NetScaler CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
998445 CVE-2024-4885 WEB-MISC WhatsUp Gold Prior To 2023.1.3 - Unauthenticated Remote Code Execution Vulnerability (CVE-2024-4885)
998446 CVE-2024-41667 WEB-MISC OpenAM Prior to 15.0.4 - Template Injection Vulnerability (CVE-2024-41667)
998447 CVE-2024-38856 WEB-MISC Apache Ofbiz Prior to 18.12.15 - Incorrect Authorization Vulnerability in EntitySQLProcessor (CVE-2024-38856)
998448 CVE-2024-38856 WEB-MISC Apache Ofbiz Prior to 18.12.15 - Incorrect Authorization Vulnerability in ProgramExport (CVE-2024-38856)
998449 CVE-2024-34693 WEB-MISC Apache Superset Multiple Versions - Improper Input Validation Vulnerability (CVE-2024-34693)
998450 CVE-2024-32113, CVE-2024-36104 WEB-MISC Apache Ofbiz Prior to 18.12.14 - Path Traversal Vulnerability (CVE-2024-32113, CVE-2024-36104)
998451 CVE-2024-31460 WEB-MISC Cacti Prior To 1.2.27 - Stored SQL Injection Vulnerability Via field (CVE-2024-31460)
998452 CVE-2024-31445 WEB-MISC Cacti Prior To 1.2.27 - SQL Injection Vulnerability Via filter (CVE-2024-31445)
998453 CVE-2024-28147 WEB-MISC Edu-Sharing - Arbitrary File Upload Vulnerability via node (CVE-2024-28147)
998454 CVE-2024-28147 WEB-MISC Edu-Sharing - Arbitrary File Upload Vulnerability via collection (CVE-2024-28147)
Signature update version 136