ADC

签名更新版本 104

针对2023-03-28周发现的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 104 适用于 NetScaler 11.1、NetScaler 12.0、NetScaler 12.1、NetScaler 13.0、NetScaler 13.1 平台。

注意

启用帖子正文和响应正文签名规则可能会影响 NetScaler CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
998737 CVE-2023-25135 WEB-MISC vBulletin Mutiple Version - PHP Object Injection Vulnerability via searchprefs (CVE-2023-25135)
998738 CVE-2023-25135 WEB-MISC vBulletin Mutiple Version - PHP Object Injection Vulnerability via pmfolders (CVE-2023-25135)
998739 CVE-2023-25135 WEB-MISC vBulletin Mutiple Version - PHP Object Injection Vulnerability via subfolders (CVE-2023-25135)
998740 CVE-2023-23752 WEB-MISC Joomla! 4.x up to 4.2.7 - API Improper Access Check Vulnerability (CVE-2023-23752)
998741 CVE-2023-22974 WEB-MISC OpenEMR Prior To 7.0.0 - Information Disclosure Vulnerability (CVE-2023-22974)
998742 CVE-2023-22952 WEB-MISC SugarCRM before 12.0 Hotfix 91155 - EmailTemplates PHP Code Injection Vulnerability (CVE-2023-22952)
998743 CVE-2023-22374 WEB-MISC F5 BIG-IP Multiple Versions - Format String Vulnerability (CVE-2023-22374)
998744 CVE-2023-20858 WEB-MISC VMware Carbon Black App Control Multiple Versions - SQL Injection Vulnerability (CVE-2023-20858)
998745 CVE-2022-47002,CVE-2022-47003 WEB-MISC Mura CMS and Masa CMS - Authentication Bypass Vulnerability (CVE-2022-47002, CVE-2022-47003)
998746 CVE-2022-4506 WEB-MISC OpenEMR Prior To 7.0.0.2 - Arbitrary File Upload Vulnerability (CVE-2022-4506)
998747 CVE-2022-44298 WEB-MISC SiteServer CMS Prior to 7.2.0 - SQL Injection Vulnerability (CVE-2022-44298)
998748 CVE-2022-44297 WEB-MISC SiteServer CMS Prior to 7.2.0 - SQL Injection Vulnerability (CVE-2022-44297)
998749 CVE-2022-43709 WEB-MISC MyBB Prior to 1.8.32 - SQL Injection Vulnerability (CVE-2022-43709)
998750 CVE-2022-40300 WEB-MISC Zoho ManageEngine PasswordManagerPro, PAM360 and AccessManagerPlus have SQL injection vulnerabilities.(CVE-2022-40300)
998751 CVE-2022-36633 WEB-MISC Teleport 9.3.6 - Command Injection (CVE-2022-36633)
998752 CVE-2022-35947 WEB-MISC GLPI Up to 10.0.2 - SQL Injection Vulnerability via JSON (CVE-2022-35947)
998753 CVE-2022-35947 WEB-MISC GLPI Up to 10.0.2 - SQL Injection Vulnerability via Form (CVE-2022-35947)
998754 CVE-2022-35914 WEB-MISC GLPI Up to 10.0.2 - PHP Code Injection Vulnerability in htmLawedTest (CVE-2022-35914)
998755 CVE-2022-30547 WEB-MISC WWBN AVideo Path Travesal (CVE-2022-30547)
998756 CVE-2022-24734 WEB-MISC MyBB Prior to 1.8.30 - Remote Code Execution Vulnerability (CVE-2022-24734)
998757 CVE-2020-17496 WEB-MISC vBulletin 5.5.4 through 5.6.2 - Remote Code Execution Vulnerability via routestring (CVE-2020-17496)
998758 CVE-2020-17496 WEB-MISC vBulletin 5.5.4 through 5.6.2 - Remote Code Execution Vulnerability (CVE-2020-17496)
998759 CVE-2019-16759 WEB-MISC vBulletin 5.x through 5.5.4 - Remote Code Execution Vulnerability via routestring (CVE-2019-16759)
998760 CVE-2019-16759 WEB-MISC vBulletin 5.x through 5.5.4 - Remote Code Execution Vulnerability (CVE-2019-16759)
签名更新版本 104