Signature update version 140

New signature rules are generated for the vulnerabilities identified in the week of 2024-10-24. You can download and configure these signature rules to protect your appliance from attacks that exploit these vulnerabilities.

Signature version

Signature version 140 is applicable to the NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, NetScaler 13.1, and NetScaler 14.1 platforms.

Note

Enabling Post body and Response body signature rules might affect NetScaler CPU.

Common Vulnerability Entry (CVE) insight

The following is a list of signature rules, their CVE IDs, and their descriptions.

| Signature rule | CVE ID | Description |
|---|---|---|
| 998402 | CVE-2024-9465 | WEB-MISC Palo Alto Expedition Prior to 1.2.96 - Unauthenticated SQL Injection Vulnerability (CVE-2024-9465) |
| 998403 | CVE-2024-9464 | WEB-MISC Palo Alto Expedition Prior to 1.2.96 - OS Command Injection Vulnerability Via start_date (CVE-2024-9464) |
| 998404 | CVE-2024-9464 | WEB-MISC Palo Alto Expedition Prior to 1.2.96 - OS Command Injection Vulnerability Via start_time (CVE-2024-9464) |
| 998405 | CVE-2024-8353 | WEB-MISC WordPress Plugin GiveWP Prior To 3.16.2 - Deserialization of Untrusted Data Vulnerability (CVE-2024-8353) |
| 998406 | CVE-2024-8353 | WEB-MISC WordPress Plugin GiveWP Prior To 3.16.2 - Deserialization of Untrusted Data Vulnerability Via Ajax (CVE-2024-8353) |
| 998407 | CVE-2024-7781 | WEB-WORDPRESS Artbees Jupiter X Core Plugin Prior to 4.7.8 - Authentication Bypass Vulnerability Via Facebook (CVE-2024-7781) |
| 998408 | CVE-2024-7781 | WEB-WORDPRESS Artbees Jupiter X Core Plugin Prior to 4.7.8 - Authentication Bypass Vulnerability Via Google (CVE-2024-7781) |
| 998409 | CVE-2024-7772 | WEB-WORDPRESS Artbees Jupiter X Core Plugin Prior to 4.6.6 - Arbitrary File Upload Vulnerability (CVE-2024-7772) |
| 998410 | CVE-2024-5932 | WEB-MISC WordPress Plugin GiveWP Prior To 3.14.2 - Deserialization of Untrusted Data Vulnerability (CVE-2024-5932) |
| 998411 | CVE-2024-5932 | WEB-MISC WordPress Plugin GiveWP Prior To 3.14.2 - Deserialization of Untrusted Data Vulnerability Via Ajax (CVE-2024-5932) |
| 998412 | CVE-2024-5910 | WEB-MISC Palo Alto Expedition Prior to 1.2.92 - Missing Authentication for Critical Function Vulnerability (CVE-2024-5910) |
| 998413 | CVE-2024-5019 | WEB-MISC WhatsUp Gold Prior To 2023.1.3 - Unauthenticated File Disclosure Vulnerability (CVE-2024-5019) |
| 998414 | CVE-2024-5018 | WEB-MISC WhatsUp Gold Prior To 2023.1.3 - Unauthenticated File Disclosure Vulnerability (CVE-2024-5018) |
| 998415 | CVE-2024-5017 | WEB-MISC WhatsUp Gold Prior To 2023.1.3 - Path Traversal Vulnerability (CVE-2024-5017) |
| 998416 | CVE-2024-47374 | WEB-MISC WordPress Plugin LiteSpeed Cache Prior To 6.5.1 - Stored XSS Vulnerability (CVE-2024-47374) |
| 998417 | CVE-2024-38653 | WEB-MISC Ivanti Avalanche Up to 6.3.1 - SmartDeviceServer XXE Vulnerability (CVE-2024-38653) |