签名更新版本 71
针对 2021-11-18 周发现的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。
签名版本
签名与以下软件版本的 Citrix Application Delivery Controller (ADC) (ADC) 11.1、12.0、12.1、13.0 和 13.1 兼容。
NetScaler 版本 12.0 已达到生命周期终止 (EOL)。有关更多信息,请参阅 发布生命周期 页面。
注意:
启用发布主体和响应主体签名规则可能会影响 NetScaler CPU。
常见漏洞条目 (CVE) 见解
以下是签名规则、CVE ID 及其描述的列表。
| 签名规则 | CVE ID | 说明 |
|---|---|---|
| 999098 | CVE-2021-41765 | WEB-MISC ResourceSpace 9.5 and 9.6 prior to rev 18274 - SQL Injection Vulnerability (CVE-2021-41765) |
| 999099 | CVE-2021-41288 | WEB-MISC Zoho ManageEngine OpManager Prior to Build 125467 - SQL Injection Vulnerability Via getReportData API (CVE-2021-41288) |
| 999100 | CVE-2021-40493 | WEB-MISC Zoho ManageEngine OpManager Prior to Build 125437 - SQL Injection Vulnerability Via deviceName (CVE-2021-40493) |
| 999101 | CVE-2021-40493 | WEB-MISC Zoho ManageEngine OpManager Prior to Build 125437 - SQL Injection Vulnerability Via pollingObject (CVE-2021-40493) |
| 999102 | CVE-2021-40438 | WEB-MISC Apache HTTP Server - mod_proxy Request Forward Vulnerability (CVE-2021-40438) |
| 999103 | CVE-2021-39341 | WEB-WORDPRESS OptinMonster Plugin Up to 2.6.4 - REST_ROUTE Permission Bypass Vulnerability (CVE-2021-39341) |
| 999104 | CVE-2021-39341 | WEB-WORDPRESS OptinMonster Plugin Up to 2.6.4 - REST API Permission Bypass Vulnerability (CVE-2021-39341) |
| 999105 | CVE-2021-37344 | WEB-MISC Nagios XI Switch Wizard Prior to 2.5.7 - Remote Code Execution Vulnerability Via ip_address Parameter (CVE-2021-37344) |
| 999106 | CVE-2021-35218 | WEB-MISC SolarWinds Orion Prior to 2020.2.6 - Deserialization Vulnerability Via Chart.ashx (CVE-2021-35218) |
| 999107 | CVE-2021-35215 | WEB-MISC SolarWinds Orion Platform Prior to 2020.2.6 - Remote Code Execution Vulnerability Via Reporting (CVE-2021-35215) |
| 999108 | CVE-2021-35215 | WEB-MISC SolarWinds Orion Platform Prior to 2020.2.6 - Remote Code Execution Vulnerability Via Alerting (CVE-2021-35215) |
| 999109 | CVE-2021-24889 | WEB-WORDPRESS Ninja Forms Plugin Prior to 3.6.4 - SQL Injection Vulnerability (CVE-2021-24889) |
| 999110 | CVE-2021-24381 | WEB-WORDPRESS Ninja Forms Plugin Prior to 3.5.8.2 - Custom Class Name Stored Cross-Site Scripting Vulnerability (CVE-2021-24381) |
| 999111 | CVE-2021-2401 | WEB-MISC Oracle BI Publisher - DOMParser XXE Vulnerability Via mobile X ReportTemplateService (CVE-2021-2401) |
| 999112 | CVE-2021-2401 | WEB-MISC Oracle BI Publisher - DOMParser XXE Vulnerability Via mobile ReportTemplateService (CVE-2021-2401) |
| 999113 | CVE-2021-2401 | WEB-MISC Oracle BI Publisher - DOMParser XXE Vulnerability Via xmlpservice X ReportTemplateService (CVE-2021-2401) |
| 999114 | CVE-2021-2401 | WEB-MISC Oracle BI Publisher - DOMParser XXE Vulnerability Via xmlpservice ReportTemplateService (CVE-2021-2401) |
| 999115 | CVE-2021-2392 | WEB-MISC Oracle BI Publisher - Arbitrary Files Upload Vulnerability (CVE-2021-2392) |
| 999116 | CVE-2021-2244 | WEB-MISC Oracle Hyperion-Essbase Analytic Provider Services - Remote Code Execution Vulnerability Via Essbase (CVE-2021-2244) |
| 999117 | CVE-2021-2244 | WEB-MISC Oracle Hyperion-Essbase Analytic Provider Services - Remote Code Execution Vulnerability Via admin (CVE-2021-2244) |
| 999118 | CVE-2021-2244 | WEB-MISC Oracle Hyperion-Essbase Analytic Provider Services - Remote Code Execution Vulnerability Via JAPI (CVE-2021-2244) |
| 999119 | CVE-2021-22205 | WEB-MISC GitLab CE/EE - Remote Code Execution Vulnerability Via Maliciously Crafted JPEG/TIFF Files (CVE-2021-22205) |
| 999120 | CVE-2021-22017 | WEB-MISC VMWare vCenter - Path Traversal Vulnerability Via rhhtproxy (CVE-2021-22017) |
| 999121 | CVE-2021-20837 | WEB-MISC Movable Type Prior to r.5003 - Remote Code Execution Via mt.handler_to_coderef (CVE-2021-20837) |
| 999122 | CVE-2021-20131 | WEB-MISC Zoho ManageEngine ADManager Prior to Build 7115 - Remote Code Execution Vulnerability Via File Upload (CVE-2021-20131) |
| 999123 | CVE-2021-20130 | WEB-MISC Zoho ManageEngine ADManager Prior to Build 7115 - Remote Code Execution Vulnerability Via File Upload (CVE-2021-20130) |
| 999124 | CVE-2021-20034 | WEB-MISC SonicWall Secure Mobile Access - Path Traversal Vulnerability (CVE-2021-20034) |
| 999125 | WEB-WORDPRESS BuddyPress Plugin Prior to 9.1.1 - Information Disclosure Vulnerability Via signup REST API and rest_route | |
| 999126 | WEB-WORDPRESS BuddyPress Plugin Prior to 9.1.1 - Information Disclosure Vulnerability Via signup REST API |
本内容的正式版本为英文版。部分 Cloud Software Group 文档内容采用了机器翻译,仅供您参考。Cloud Software Group 无法控制机器翻译的内容,这些内容可能包含错误、不准确或不合适的语言。对于从英文原文翻译成任何其他语言的内容的准确性、可靠性、适用性或正确性,或者您的 Cloud Software Group 产品或服务沿用了任何机器翻译的内容,我们均不作任何明示或暗示的保证,并且适用的最终用户许可协议或服务条款或者与 Cloud Software Group 签订的任何其他协议(产品或服务与已进行机器翻译的任何文档保持一致)下的任何保证均不适用。对于因使用机器翻译的内容而引起的任何损害或问题,Cloud Software Group 不承担任何责任。
签名更新版本 71
已复制!
失败!