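Signature update version 67
New signature rules have been generated for the vulnerabilities identified in the week of 2021-08-29. You can download and configure these signature rules to protect your appliance from attacks that exploit security vulnerabilities.
Signature version
The signatures are compatible with the following software versions of Citrix Application Delivery Controller (ADC): 11.1, 12.0, 12.1, 13.0, and 13.1.
NetScaler version 12.0 has reached end of life (EOL). For more information, see the Release Lifecycle page.
Note:
Enabling Post body and Response body signature rules might affect NetScaler CPU.
Common Vulnerability Entry (CVE) insight
The following is a list of signature rules, CVE IDs, and their descriptions.
Signature rule | CVE ID | Description |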
---|---|---|
999183 | CVE-2021-37557 | WEB-MISC Centreon Multiple Versions - SQL Injection Vulnerability (CVE-2021-37557) |
999184 | CVE-2021-35501 | WEB-MISC Artica Pandora FMS Up to 7.54 - Visual Console Stored XSS Vulnerability (CVE-2021-35501) |
999185 | CVE-2021-35464 | WEB-MISC ForgeRock Access Management and OpenAM - Remote Code Execution Vulnerability (CVE-2021-35464) |
999186 | CVE-2021-34523 | WEB-MISC Microsoft Exchange Server - Elevation of Privilege Vulnerability (CVE-2021-34523) |
999187 | CVE-2021-34473 | WEB-MISC Microsoft Exchange Server - Server Side Request Forgery Authentication Bypass Vulnerability Via Query (CVE-2021-34473) |
999188 | CVE-2021-34473 | WEB-MISC Microsoft Exchange Server - Server Side Request Forgery Authentication Bypass Vulnerability Via Cookie (CVE-2021-34473) |
999189 | CVE-2021-33203 | WEB-MISC Django - TemplateDetailView File Existence Disclosure Vulnerability via Absolute Path (CVE-2021-33203) |
999190 | CVE-2021-33203 | WEB-MISC Django - TemplateDetailView File Existence Disclosure Vulnerability via Path Traversal (CVE-2021-33203) |
999191 | CVE-2021-33203 | WEB-MISC Django - TemplateDetailView File Existence Disclosure Vulnerability via backslash (CVE-2021-33203) |
999192 | CVE-2021-33203 | WEB-MISC Django - TemplateDetailView File Existence Disclosure Vulnerability Via Slash (CVE-2021-33203) |
999193 | CVE-2021-3287, CVE-2020-28653 | WEB-MISC Zoho ManageEngine OpManager Prior to 12.5.329 - Unauthenticated RCE Vulnerability (CVE-2021-3287, CVE-2020-28653) |
999194 | CVE-2021-32789 | WEB-WORDPRESS WooCommerce Plugin Up to 5.5.0 - SQL Injection Vulnerability Via taxonomy and rest_route (CVE-2021-32789) |
999195 | CVE-2021-32789 | WEB-WORDPRESS WooCommerce Plugin Up to 5.5.0 - SQL Injection Vulnerability Via taxonomy (CVE-2021-32789) |
999196 | CVE-2021-32604 | WEB-MISC SolarWinds Serv-U Prior to 15.2.3 - Cross-Site Scripting Vulnerability Via SenderEmail Parameter (CVE-2021-32604) |
999197 | CVE-2021-32093 | WEB-MISC National Security Agency Emissary 5.9.0 - Arbitrary File Read Vulnerability (CVE-2021-32093) |
999198 | CVE-2021-31760 | WEB-MISC Webmin Prior to 1.974 - CSRF Vulnerability Lead to RCE Via run.cgi (CVE-2021-31760) |
999199 | CVE-2021-31207 | WEB-MISC Microsoft Exchange Server - Security Feature Bypass Vulnerability (CVE-2021-31207) |
999200 | CVE-2021-31195 | WEB-MISC Microsoft Exchange Server - Remote Code Execution Vulnerability (CVE-2021-31195) |
999201 | CVE-2021-28474 | WEB-MISC Microsoft SharePoint Server - Remote Code Execution Vulnerability (CVE-2021-28474) |
999202 | CVE-2021-24385 | WEB-WORDPRESS FileBird Plugin 4.7.3 - SQL Injection Vulnerability Via selectedFolder Parameter and rest_route (CVE-2021-24385) |
999203 | CVE-2021-24385 | WEB-WORDPRESS FileBird Plugin 4.7.3 - SQL Injection Vulnerability Via selectedFolder Parameter (CVE-2021-24385) |
999204 | CVE-2021-24385 | WEB-WORDPRESS FileBird Plugin 4.7.3 - SQL Injection Vulnerability Via JSON-Encoded Body (CVE-2021-24385) |
999205 | CVE-2021-24356 | WEB-WORDPRESS Simple 301 Redirects Plugin Prior to 2.0.4 - Arbitrary Plugin Activation Vulnerability (CVE-2021-24356) |
999206 | CVE-2021-23024 | WEB-MISC F5 BIG-IQ Multiple Versions - Remote Code Execution Vulnerability (CVE-2021-23024) |
999207 | CVE-2021-22911 | WEB-MISC Rocket.Chat Server 3.11, 3.12 and 3.13 - Blind NOSQL Injection Vulnerability (CVE-2021-22911) |
999208 | CVE-2021-22900 | WEB-MISC Pulse Connect Secure Prior To 9.1R11.4 - Remote Code Execution Vulnerability Via smimeCert.cgi (CVE-2021-22900) |
999209 | CVE-2021-22900 | WEB-MISC Pulse Connect Secure Prior To 9.1R11.4 - Remote Code Execution Vulnerability Via admincert.cgi (CVE-2021-22900) |
999210 | CVE-2021-22900 | WEB-MISC Pulse Connect Secure Prior To 9.1R11.4 - Remote Code Execution Vulnerability Via clientauthcert.cgi (CVE-2021-22900) |
999211 | CVE-2021-22160 | WEB-MISC Apache Pulsar - JSON Web Tokens Authentication Bypass Vulnerability (CVE-2021-22160) |
999212 | CVE-2021-21809 | WEB-MISC Moodle - Remote Code Execution Vulnerability Via Spellchecker Plugin and getSuggestions Method (CVE-2021-21809) |
999213 | CVE-2021-21809 | WEB-MISC Moodle - Remote Code Execution Vulnerability Via Spellchecker Plugin and checkWords Method (CVE-2021-21809) |
999214 | CVE-2021-21809 | WEB-MISC Moodle - Remote Code Execution Vulnerability Via s__aspellpath (CVE-2021-21809) |
999215 | CVE-2021-21805 | WEB-MISC Advantech R-SeeNet - Unauthenticated Remote Code Execution Vulnerability (CVE-2021-21805) |
999216 | CVE-2021-21804 | WEB-MISC Advantech R-SeeNet - Local File Inclusion Vulnerability Via sub_opt (CVE-2021-21804) |
999217 | CVE-2021-21587 | WEB-MISC Dell Wyse Management Suite Prior to 3.3 - Path Traversal Vulnerability Via /image/os/listfiles (CVE-2021-21587) |
999218 | CVE-2021-21587 | WEB-MISC Dell Wyse Management Suite Prior to 3.3 - Path Traversal Vulnerability Via /image/app/rsp/listfiles (CVE-2021-21587) |
999219 | CVE-2021-21586 | WEB-MISC Dell Wyse Management Suite Prior to 3.3 - Path Traversal Vulnerability Via /image/app and fileName (CVE-2021-21586) |
999220 | CVE-2021-21586 | WEB-MISC Dell Wyse Management Suite Prior to 3.3 - Path Traversal Vulnerability Via /image/os and fileName (CVE-2021-21586) |
999221 | CVE-2021-21586 | WEB-MISC Dell Wyse Management Suite Prior to 3.3 - Path Traversal Vulnerability Via /image/os and filePath (CVE-2021-21586) |
999222 | CVE-2020-25223 | WEB-MISC Sophos SG UTM - Remote Code Execution Via SID and /var (CVE-2020-25223) |
999223 | CVE-2020-25223 | WEB-MISC Sophos SG UTM - Remote Code Execution Via SID and /webadmin.plx (CVE-2020-25223) |
999224 | CVE-2020-21056 | WEB-MISC FusionPBX 4.5.7 - Path Traversal Vulnerability Via foldernew (CVE-2020-21056) |
999225 | CVE-2020-21055 | WEB-MISC FusionPBX 4.5.7 - Path Traversal Vulnerability Via File Rename Feature (CVE-2020-21055) |
999226 | CVE-2020-16245 | WEB-MISC Advantech iView Prior to 5.7.03.6112 - Path Traversal Vulnerability in findSummaryUpdateDeviceListExpo (CVE-2020-16245) |
999227 | CVE-2020-16245 | WEB-MISC Advantech iView Prior to 5.7.03.6112 - Path Traversal Vulnerability Via findCfgDeviceListExport (CVE-2020-16245) |
999228 | CVE-2020-14181 | WEB-MISC Atlassian Jira Server - Information Disclosure Vulnerability Via ViewUserHover.jspa (CVE-2020-14181) |
999229 | CVE-2020-14005 | WEB-MISC SolarWinds Orion Prior to 2020.2.1 HF 2 - Remote Code Execution Via ExecuteVBScript Action Type (CVE-2020-14005) |
999230 | CVE-2020-14005 | WEB-MISC SolarWinds Orion Prior to 2020.2.1 HF 2 - Remote Code Execution Via ExecuteExternalProgram Action Type (CVE-2020-14005) |