签名更新版本 57
针对在 2021-02-03 周发现的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。
签名版本
签名与以下软件版本的 Citrix Application Delivery Controller (ADC) (ADC) 11.1、12.0、12.1、13.0 和 13.1 兼容。
NetScaler 版本 12.0 已达到生命周期终止 (EOL)。有关更多信息,请参阅 发布生命周期 页面。
注意:
启用发布主体和响应主体签名规则可能会影响 NetScaler CPU。
常见漏洞条目 (CVE) 见解
以下是签名规则、CVE ID 及其描述的列表。
| 签名规则 | CVE ID | 说明 |
|---|---|---|
| 999339 | WEB-MISC Zoom Meeting Connector 4.6.348.20201217 - Remote Code Execution Vulnerability Via proxyPasswd | |
| 999340 | WEB-MISC Zoom Meeting Connector 4.6.348.20201217 - Remote Code Execution Vulnerability Via proxyName | |
| 999341 | CVE-2021-3129 | WEB-MISC Ignition Prior to 2.5.2 - Unauthenticated Remote Code Execution Vulnerability (CVE-2021-3129) |
| 999342 | CVE-2021-3025 | WEB-MISC Invision Community IPS Community Suite Prior to 4.5.4.2 - SQL Injection Vulnerability Via sortDir (CVE-2021-3025) |
| 999343 | CVE-2021-2109 | WEB-MISC Oracle WebLogic Server - Remote Code Execution Vulnerability Via JNDI Injection (CVE-2021-2109) |
| 999344 | CVE-2020-7200 | WEB-MISC HPE Systems Insight Manager 7.6.x - AMF Unsecure Deserialization Vulnerability (CVE-2020-7200) |
| 999345 | CVE-2020-7199 | WEB-MISC HPE EIM Prior to 1.21 - Improper Authentication Vulnerability in /private/EIMApplianceIP (CVE-2020-7199) |
| 999346 | CVE-2020-7199 | WEB-MISC HPE EIM Prior to 1.21 - Improper Authentication Vulnerability in /private/AdminPassReset (CVE-2020-7199) |
| 999347 | CVE-2020-7199 | WEB-MISC HPE EIM Prior to 1.21 - Improper Authentication Vulnerability in /private/ResetAppliance (CVE-2020-7199) |
| 999348 | CVE-2020-6136 | WEB-MISC OS4Ed OpenSIS Prior to 7.5 - SQLi Vulnerability Via DownloadWindow.php (CVE-2020-6136) |
| 999349 | CVE-2020-35729 | WEB-MISC KLog Server 2.4.1 and Prior - OS Command Injection Vulnerability (CVE-2020-35729) |
| 999350 | CVE-2020-35701 | WEB-MISC Cacti 1.2.16 and Prior - SQL Injection Vulnerability Via site_id (CVE-2020-35701) |
| 999351 | CVE-2020-35489 | WEB-WORDPRESS Contact Form 7 Prior to 5.3.2 - Unrestricted File Upload Vulnerability (CVE-2020-35489) |
| 999352 | CVE-2020-27615 | WEB-WORDPRESS Loginizer Plugin Prior to 1.6.4 - SQL Injection Vulnerability (CVE-2020-27615) |
| 999353 | CVE-2020-26046 | WEB-MISC Fuel CMS 1.4.11 and Prior - XSS Vulnerability Via /fuel/sitevariables/create (CVE-2020-26046) |
| 999354 | CVE-2020-26046 | WEB-MISC Fuel CMS 1.4.11 and Prior - XSS Vulnerability Via /fuel/sitevariables/edit (CVE-2020-26046) |
| 999355 | CVE-2020-26046 | WEB-MISC Fuel CMS 1.4.11 and Prior - XSS Vulnerability Via /fuel/navigation/create (CVE-2020-26046) |
| 999356 | CVE-2020-26046 | WEB-MISC Fuel CMS 1.4.11 and Prior - XSS Vulnerability Via /fuel/navigation/edit (CVE-2020-26046) |
| 999357 | CVE-2020-26046 | WEB-MISC Fuel CMS 1.4.11 and Prior - XSS Vulnerability Via /fuel/blocks/create (CVE-2020-26046) |
| 999358 | CVE-2020-26046 | WEB-MISC Fuel CMS 1.4.11 and Prior - XSS Vulnerability Via /fuel/blocks/edit (CVE-2020-26046) |
| 999359 | CVE-2020-26045 | WEB-MISC Fuel CMS 1.4.11 - SQLi Vulnerability Via /fuel/permissions/create (CVE-2020-26045) |
| 999360 | CVE-2020-17519 | WEB-MISC Apache Flink Prior to 1.11.3 - Arbitrary File Disclosure Vulnerability (CVE-2020-17519) |
| 999361 | CVE-2020-17518 | WEB-MISC Apache Flink 1.5.1 to 1.11.2 - Arbitrary Location File Upload Vulnerability (CVE-2020-17518) |
| 999362 | CVE-2019-16010 | WEB-MISC Cisco SD-WAN vManage Prior to 19.2.2 - Stored XSS Vulnerability (CVE-2019-16010) |
| 999363 | CVE-2019-15000 | WEB-MISC VMWare Bitbucket Server and Data Center - Git Command Injection Vulnerability Via at (CVE-2019-15000) |
| 999364 | CVE-2019-15000 | WEB-MISC VMWare Bitbucket Server and Data Center - Git Command Injection Vulnerability Via until/untilID (CVE-2019-15000) |
| 999365 | CVE-2019-15000 | WEB-MISC VMWare Bitbucket Server and Data Center - Git Command Injection Vulnerability Via since/sinceID (CVE-2019-15000) |
签名更新版本 57
已复制!
失败!