ADC

签名更新版本 106

针对在 2023-06-16 周发现的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 106 适用于 NetScaler 11.1、NetScaler 12.0、Citrix 12.1、Citrix 13.0、NetScaler 13.1、NetScaler 14.1 平台。

注意

启用帖子正文和响应正文签名规则可能会影响 Citrix ADC CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
998690 CVE-2023-34362 WEB-MISC Progress MOVEit Transfer Multiple Versions - SQL Injection Vulnerability (CVE-2023-34362)
998691 CVE-2023-32243 WEB-WORDPRESS WordPress Plugin Essential Addons for Elementor Up to 5.7.1 - Privilege Escalation Vulnerability (CVE-2023-32243)
998692 CVE-2023-29084 WEB-MISC Zoho ManageEngine ADManager Plus Prior to 7181 - OS Command Injection Vulnerability (CVE-2023-29084)
998693 CVE-2023-29004 WEB-MISC Roxy-WI Prior to 6.3.9.0 - Absolute Path Traversal Vulnerability (CVE-2023-29004)、
998694 CVE-2023-27351 WEB-MISC PaperCut NG - Authentication Bypass Vulnerability Via /autosetup/setStatus (CVE-2023-27351)
998695 CVE-2023-27351 WEB-MISC PaperCut NG - Authentication Bypass Vulnerability vi /register or /registerCreate (CVE-2023-27351)
998696 CVE-2023-27351 WEB-MISC PaperCut NG - Authentication Bypass Vulnerability via /keepalive (CVE-2023-27351)
998697 CVE-2023-27350 WEB-MISC PaperCut NG - Authentication Bypass Vulnerability (CVE-2023-27350)
998698 CVE-2023-25812 WEB-MISC MinIO Prior to RELEASE.2023-02-17T17-52-43Z - Improper Preservation of Permissions Vulnerability (CVE-2023-25812)
998699 CVE-2023-25812 WEB-MISC MinIO Prior to RELEASE.2023-02-17T17-52-43Z - Improper Preservation of Permissions Vulnerability (CVE-2023-25812)
998700 CVE-2023-25803 WEB-MISC Roxy-WI Prior to 6.3.6.0 - Path Traversal Vulnerability (CVE-2023-25803)
998701 CVE-2023-24031 WEB-MISC Zimbra Collaboration Suite Prior to 9.0.0 P30 - XSS Vulnerability via clazz (CVE-2023-24031)
998702 CVE-2023-24031 WEB-MISC Zimbra Collaboration Suite Prior to 9.0.0 P30 - XSS Vulnerability via altkey (CVE-2023-24031)
998703 CVE-2023-24031 WEB-MISC Zimbra Collaboration Suite Prior to 9.0.0 P30 - XSS Vulnerability via title (CVE-2023-24031)
998704 CVE-2023-24031 WEB-MISC Zimbra Collaboration Suite Prior to 9.0.0 P30 - XSS Vulnerability via counter (CVE-2023-24031)
998705 CVE-2023-2338 WEB-MISC Pimcore prior to v10.5.21 - SQL Injection Vulnerability (CVE-2023-2338)
998706 CVE-2023-2336 WEB-MISC Pimcore prior to v10.5.21 - Path Traversal Vulnerability (CVE-2023-2336)
998707 CVE-2023-22973 WEB-MISC OpenEMR Prior to 7.0.0 - Local File Inclusion (LFI) (CVE-2023-22973)
998708 CVE-2023-21742 WEB-MISC Microsoft SharePoint - Remote Code Execution Vulnerability (CVE-2023-21742)
998709 CVE-2023-20864 WEB-MISC VMware Aria Operations for Logs 8.10.2 - Deserialization Vulnerability Via approveMembership (CVE-2023-20864)
998710 CVE-2023-20864 WEB-MISC VMware Aria Operations for Logs 8.10.2 - Deserialization Vulnerability Via setToken (CVE-2023-20864)
998711 CVE-2023-20864 WEB-MISC VMware Aria Operations for Logs 8.10.2 - Deserialization Vulnerability Via applyMembership (CVE-2023-20864)
998712 CVE-2023-1578 WEB-MISC Pimcore prior to v10.5.19 - SQL Injection Vulnerability (CVE-2023-1578)
998713 CVE-2023-1406 WEB-WORDPRESS JetEngine Plugin Prior to 3.1.3.1 - Remote Code Execution Vulnerability (CVE-2023-1406)
998714 CVE-2023-0315 WEB-MISC Froxlor Remote Code Execution (CVE-2023-0315)
998715 CVE-2022-45030 WEB-MISC rConfig 3.9.7 and Prior - SQL Injection Vulnerability (CVE-2022-45030)
998716 CVE-2022-43396 WEB-MISC Apache Kylin - Command Injection Vulnerability Via Configuration Overwrites (CVE-2022-43396)
998717 CVE-2022-31700 WEB-MISC VMware Workspace ONE Access - Remote Code Execution Vulnerability via Multipart (CVE-2022-31700)
998718 CVE-2022-31700 WEB-MISC VMware Workspace ONE Access - Remote Code Execution Vulnerability via JSON (CVE-2022-31700)
998719 CVE-2022-2884、CVE-2022-2992、CVE-2022-2865 WEB-MISC GitLab Multiple Versions - Remote Code Execution Vulnerability (CVE-2022-2884, CVE-2022-2992, CVE-2022-2865)
998720 CVE-2022-27926 WEB-MISC Zimbra Collaboration Suite Prior to 9.0.0 P24 - XSS Vulnerability (CVE-2022-27926)
998721 CVE-2022-0824 WEB-CGI Improper Access Control to Remote Code Execution in WebMin prior to 1.990 using the Authentic-Theme (CVE-2022-0824)
签名更新版本 106