签名更新版本 71
针对 2021-11-18 周发现的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。
签名版本
签名与以下软件版本的 Citrix Application Delivery Controller (ADC) (ADC) 11.1、12.0、12.1、13.0 和 13.1 兼容。
NetScaler 版本 12.0 已达到生命周期终止 (EOL)。有关更多信息,请参阅 发布生命周期 页面。
注意:
启用发布主体和响应主体签名规则可能会影响 NetScaler CPU。
常见漏洞条目 (CVE) 见解
以下是签名规则、CVE ID 及其描述的列表。
签名规则 | CVE ID | 说明 |
---|---|---|
999098 | CVE-2021-41765 | WEB-MISC ResourceSpace 9.5 and 9.6 prior to rev 18274 - SQL Injection Vulnerability (CVE-2021-41765) |
999099 | CVE-2021-41288 | WEB-MISC Zoho ManageEngine OpManager Prior to Build 125467 - SQL Injection Vulnerability Via getReportData API (CVE-2021-41288) |
999100 | CVE-2021-40493 | WEB-MISC Zoho ManageEngine OpManager Prior to Build 125437 - SQL Injection Vulnerability Via deviceName (CVE-2021-40493) |
999101 | CVE-2021-40493 | WEB-MISC Zoho ManageEngine OpManager Prior to Build 125437 - SQL Injection Vulnerability Via pollingObject (CVE-2021-40493) |
999102 | CVE-2021-40438 | WEB-MISC Apache HTTP Server - mod_proxy Request Forward Vulnerability (CVE-2021-40438) |
999103 | CVE-2021-39341 | WEB-WORDPRESS OptinMonster Plugin Up to 2.6.4 - REST_ROUTE Permission Bypass Vulnerability (CVE-2021-39341) |
999104 | CVE-2021-39341 | WEB-WORDPRESS OptinMonster Plugin Up to 2.6.4 - REST API Permission Bypass Vulnerability (CVE-2021-39341) |
999105 | CVE-2021-37344 | WEB-MISC Nagios XI Switch Wizard Prior to 2.5.7 - Remote Code Execution Vulnerability Via ip_address Parameter (CVE-2021-37344) |
999106 | CVE-2021-35218 | WEB-MISC SolarWinds Orion Prior to 2020.2.6 - Deserialization Vulnerability Via Chart.ashx (CVE-2021-35218) |
999107 | CVE-2021-35215 | WEB-MISC SolarWinds Orion Platform Prior to 2020.2.6 - Remote Code Execution Vulnerability Via Reporting (CVE-2021-35215) |
999108 | CVE-2021-35215 | WEB-MISC SolarWinds Orion Platform Prior to 2020.2.6 - Remote Code Execution Vulnerability Via Alerting (CVE-2021-35215) |
999109 | CVE-2021-24889 | WEB-WORDPRESS Ninja Forms Plugin Prior to 3.6.4 - SQL Injection Vulnerability (CVE-2021-24889) |
999110 | CVE-2021-24381 | WEB-WORDPRESS Ninja Forms Plugin Prior to 3.5.8.2 - Custom Class Name Stored Cross-Site Scripting Vulnerability (CVE-2021-24381) |
999111 | CVE-2021-2401 | WEB-MISC Oracle BI Publisher - DOMParser XXE Vulnerability Via mobile X ReportTemplateService (CVE-2021-2401) |
999112 | CVE-2021-2401 | WEB-MISC Oracle BI Publisher - DOMParser XXE Vulnerability Via mobile ReportTemplateService (CVE-2021-2401) |
999113 | CVE-2021-2401 | WEB-MISC Oracle BI Publisher - DOMParser XXE Vulnerability Via xmlpservice X ReportTemplateService (CVE-2021-2401) |
999114 | CVE-2021-2401 | WEB-MISC Oracle BI Publisher - DOMParser XXE Vulnerability Via xmlpservice ReportTemplateService (CVE-2021-2401) |
999115 | CVE-2021-2392 | WEB-MISC Oracle BI Publisher - Arbitrary Files Upload Vulnerability (CVE-2021-2392) |
999116 | CVE-2021-2244 | WEB-MISC Oracle Hyperion-Essbase Analytic Provider Services - Remote Code Execution Vulnerability Via Essbase (CVE-2021-2244) |
999117 | CVE-2021-2244 | WEB-MISC Oracle Hyperion-Essbase Analytic Provider Services - Remote Code Execution Vulnerability Via admin (CVE-2021-2244) |
999118 | CVE-2021-2244 | WEB-MISC Oracle Hyperion-Essbase Analytic Provider Services - Remote Code Execution Vulnerability Via JAPI (CVE-2021-2244) |
999119 | CVE-2021-22205 | WEB-MISC GitLab CE/EE - Remote Code Execution Vulnerability Via Maliciously Crafted JPEG/TIFF Files (CVE-2021-22205) |
999120 | CVE-2021-22017 | WEB-MISC VMWare vCenter - Path Traversal Vulnerability Via rhhtproxy (CVE-2021-22017) |
999121 | CVE-2021-20837 | WEB-MISC Movable Type Prior to r.5003 - Remote Code Execution Via mt.handler_to_coderef (CVE-2021-20837) |
999122 | CVE-2021-20131 | WEB-MISC Zoho ManageEngine ADManager Prior to Build 7115 - Remote Code Execution Vulnerability Via File Upload (CVE-2021-20131) |
999123 | CVE-2021-20130 | WEB-MISC Zoho ManageEngine ADManager Prior to Build 7115 - Remote Code Execution Vulnerability Via File Upload (CVE-2021-20130) |
999124 | CVE-2021-20034 | WEB-MISC SonicWall Secure Mobile Access - Path Traversal Vulnerability (CVE-2021-20034) |
999125 | WEB-WORDPRESS BuddyPress Plugin Prior to 9.1.1 - Information Disclosure Vulnerability Via signup REST API and rest_route | |
999126 | WEB-WORDPRESS BuddyPress Plugin Prior to 9.1.1 - Information Disclosure Vulnerability Via signup REST API |
签名更新版本 71
已复制!
失败!