ADC

Signature update for October 2021

May 2, 2023

Contributed by:

S S

New signatures rules are generated for the vulnerabilities identified in the week 2021-10-09. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signatures are compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.

NetScaler version 12.0 has reached end of life (EOL). For more information, see release life cycle page.

Note:

Enabling Post body and Response body signature rules might affect NetScaler CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule	CVE ID	Description
999149	CVE-2021-38312	WEB-WORDPRESS Gutenberg Template Library and Redux Framework Plugin Prior to 4.2.12 - REST_ROUTE Vulnerability (CVE-2021-38312)
999150	CVE-2021-38312	WEB-WORDPRESS Gutenberg Template Library and Redux Framework Plugin Prior to 4.2.12 - REST API Vulnerability (CVE-2021-38312)
999151	CVE-2021-34639	WEB-WORDPRESS Download Manager Plugin Prior to 3.1.25 - Double Extension Upload Vulnerability (CVE-2021-34639)
999152	CVE-2021-34621	WEB-WORDPRESS ProfilePress Plugin Prior to 3.1.3 - Elevation of Privilege Vulnerability Via wp_capabilities (CVE-2021-34621)
999153	CVE-2021-32682	WEB-MISC elFinder Prior To 2.1.59 - Path Traversal Vulnerability Via Rename Command (CVE-2021-32682)
999154	CVE-2021-32682	WEB-MISC elFinder Prior To 2.1.59 - Path Traversal Vulnerability Via Abort Command (CVE-2021-32682)
999155	CVE-2021-26086	WEB-MISC Atlassian Jira Server and Data Center - Information Disclosure Vulnerability Via WEB-INF (CVE-2021-26086)
999156	CVE-2021-26086	WEB-MISC Atlassian Jira Server and Data Center - Information Disclosure Vulnerability Via META-INF (CVE-2021-26086)
999157	CVE-2021-22005	WEB-MISC VMWare vCenter - File Upload Vulnerability Via Data App (CVE-2021-22005)
999158	CVE-2021-22005	WEB-MISC VMWare vCenter - File Upload Vulnerability Via Telemetry Stage Log (CVE-2021-22005)
999159	CVE-2021-22005	WEB-MISC VMWare vCenter - File Upload Vulnerability Via Telemetry Prod Log (CVE-2021-22005)
999160	CVE-2021-20081	WEB-MISC Zoho ManageEngine Service Desk Prior to 11.2.0.5 - Remote Code Execution Vulnerability (CVE-2021-20081)
999161	CVE-2020-29453	WEB-MISC Atlassian Jira Server and Data Center - Information Disclosure Vulnerability Via WEB-INF (CVE-2020-29453)
999162	CVE-2020-29453	WEB-MISC Atlassian Jira Server and Data Center - Information Disclosure Vulnerability Via META-INF (CVE-2020-29453)

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Was this helpful

Signature update for October 2021

May 2, 2023

Contributed by:

S S

May 2, 2023

Contributed by:

S S

Signature update for October 2021

Signature version

Common Vulnerability Entry (CVE) insight

In this article