Signature update version 137

New signatures rules are generated for the vulnerabilities identified in the week 2024-09-06. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 137 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, NetScaler 13.1, NetScaler 14.1 platforms.

Note

Enabling Post body and Response body signature rules might affect NetScaler CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
998437 CVE-2024-7297 WEB-MISC Langflow Prior to 1.0.13 - Privilege Escalation Vulnerability (CVE-2024-7297)
998438 CVE-2024-6172 WEB-WORDPRESS Email Subscribers by Icegram Express Plugin Before 5.7.26 - SQLi Vulnerability unsubscribe_lists (CVE-2024-6172)
998439 CVE-2024-6172 WEB-WORDPRESS Email Subscribers by Icegram Express Plugin Before 5.7.26 - SQLi Vulnerability Via db (CVE-2024-6172)
998440 CVE-2024-5932 WEB-MISC WordPress Plugin GiveWP Prior To 3.14.2 - Deserialization of Untrusted Data Vulnerability (CVE-2024-5932)
998441 CVE-2024-5932 WEB-MISC WordPress Plugin GiveWP Prior To 3.14.2 - Deserialization of Untrusted Data Vulnerability Via Ajax (CVE-2024-5932)
998442 CVE-2024-33536 WEB-MISC Zimbra Collaboration - XSS Vulnerability via res (CVE-2024-33536)
998443 CVE-2024-33533, CVE-2024-33535 WEB-MISC Zimbra Collaboration - Local File Inclusion and XSS Vulnerabilities (CVE-2024-33533, CVE-2024-33535)
998444 CVE-2024-22263 WEB-MISC Spring Cloud Data Flow Prior To 2.11.3 - Unauthenticated Arbitrary File Write Vulnerability (CVE-2024-22263)
Signature update version 137