Signature update version 140
New signatures rules are generated for the vulnerabilities identified in the week 2024-10-24. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signature version 140 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, NetScaler 13.1, NetScaler 14.1 platforms.
Note
Enabling Post body and Response body signature rules might affect NetScaler CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
| Signature rule | CVE ID | Description |
|---|---|---|
| 998402 | CVE-2024-9465 | WEB-MISC Palo Alto Expedition Prior to 1.2.96 - Unauthenticated SQL Injection Vulnerability (CVE-2024-9465) |
| 998403 | CVE-2024-9464 | WEB-MISC Palo Alto Expedition Prior to 1.2.96 - OS Command Injection Vulnerability Via start_date (CVE-2024-9464) |
| 998404 | CVE-2024-9464 | WEB-MISC Palo Alto Expedition Prior to 1.2.96 - OS Command Injection Vulnerability Via start_time (CVE-2024-9464) |
| 998405 | CVE-2024-8353 | WEB-MISC WordPress Plugin GiveWP Prior To 3.16.2 - Deserialization of Untrusted Data Vulnerability (CVE-2024-8353) |
| 998406 | CVE-2024-8353 | WEB-MISC WordPress Plugin GiveWP Prior To 3.16.2 - Deserialization of Untrusted Data Vulnerability Via Ajax (CVE-2024-8353) |
| 998407 | CVE-2024-7781 | WEB-WORDPRESS Artbees Jupiter X Core Plugin Prior to 4.7.8 - Authentication Bypass Vulnerability Via Facebook (CVE-2024-7781) |
| 998408 | CVE-2024-7781 | WEB-WORDPRESS Artbees Jupiter X Core Plugin Prior to 4.7.8 - Authentication Bypass Vulnerability Via Google (CVE-2024-7781) |
| 998409 | CVE-2024-7772 | WEB-WORDPRESS Artbees Jupiter X Core Plugin Prior to 4.6.6 - Arbitrary File Upload Vulnerability (CVE-2024-7772) |
| 998410 | CVE-2024-5932 | WEB-MISC WordPress Plugin GiveWP Prior To 3.14.2 - Deserialization of Untrusted Data Vulnerability (CVE-2024-5932) |
| 998411 | CVE-2024-5932 | WEB-MISC WordPress Plugin GiveWP Prior To 3.14.2 - Deserialization of Untrusted Data Vulnerability Via Ajax (CVE-2024-5932) |
| 998412 | CVE-2024-5910 | WEB-MISC Palo Alto Expedition Prior to 1.2.92 - Missing Authentication for Critical Function Vulnerability (CVE-2024-5910) |
| 998413 | CVE-2024-5019 | WEB-MISC WhatsUp Gold Prior To 2023.1.3 - Unauthenticated File Disclosure Vulnerability (CVE-2024-5019) |
| 998414 | CVE-2024-5018 | WEB-MISC WhatsUp Gold Prior To 2023.1.3 - Unauthenticated File Disclosure Vulnerability (CVE-2024-5018) |
| 998415 | CVE-2024-5017 | WEB-MISC WhatsUp Gold Prior To 2023.1.3 - Path Traversal Vulnerability (CVE-2024-5017) |
| 998416 | CVE-2024-47374 | WEB-MISC WordPress Plugin LiteSpeed Cache Prior To 6.5.1 - Stored XSS Vulnerability (CVE-2024-47374) |
| 998417 | CVE-2024-38653 | WEB-MISC Ivanti Avalanche Up to 6.3.1 - SmartDeviceServer XXE Vulnerability (CVE-2024-38653) |
Signature update version 140
Copied!
Failed!