Signature update version 138

New signatures rules are generated for the vulnerabilities identified in the week 2024-09-18. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 138 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, NetScaler 13.1, NetScaler 14.1 platforms.

Note

Enabling Post body and Response body signature rules might affect NetScaler CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
998427 CVE-2024-7591 WEB-MISC Progress LoadMaster Prior To 7.2.60.1 - Unauthenticated OS Command Injection Vulnerability Via token (CVE-2024-7591)
998428 CVE-2024-7591 WEB-MISC Progress LoadMaster Prior To 7.2.60.1 - Unauthenticated OS Command Injection Vulnerability Via pass (CVE-2024-7591)
998429 CVE-2024-7591 WEB-MISC Progress LoadMaster Prior To 7.2.60.1 - Unauthenticated OS Command Injection Vulnerability Via user (CVE-2024-7591)
998430 CVE-2024-6670 WEB-MISC WhatsUp Gold Prior To 2023.1.3 - Unauthenticated SQL Injection (CVE-2024-6670)
998431 CVE-2024-4884 WEB-MISC WhatsUp Gold Prior To 2023.1.3 - Command Execution Vulnerability (CVE-2024-4884)
998432 CVE-2024-44000 WEB-MISC WordPress Plugin LiteSpeed Cache Prior To 6.5.0.1 - Account Takeover Vulnerability (CVE-2024-44000)
998433 CVE-2024-42362 WEB-MISC Apache HertzBeat Prior to 1.6.0 - Remote Code Execution Vulnerability (CVE-2024-42362)
998434 CVE-2024-42361 WEB-MISC Apache HertzBeat 1.6.0 - SQL Injection Vulnerability Via label(CVE-2024-42361)
998435 CVE-2024-42361 WEB-MISC Apache HertzBeat 1.6.0 - SQL Injection Vulnerability Via history(CVE-2024-42361)
998436 CVE-2023-51389 WEB-MISC Apache HertzBeat Prior to 1.5.0 - Remote Code Execution Vulnerability (CVE-2023-51389)
Signature update version 138