ADC
签名更新版本 78
针对在 2022-03-29 周发现的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞的攻击。
签名版本
签名版本 78 适用于 NetScaler 11.1、NetScaler 12.0、NetScaler 12.1、NetScaler 13.0、NetScaler 13.1 平台。
注意:
启用发布主体和响应主体签名规则可能会影响 NetScaler CPU。
常见漏洞条目 (CVE) 见解
以下是签名规则、CVE ID 及其描述的列表。
| 签名规则 | CVE ID | 说明 |
|---|---|---|
| 999006 | WEB-MISC Zabbix 多个版本-通过 items.php 进行的远程代码执行漏洞 | |
| 999007 | CVE-2022-24266 | WEB-MISC Cuppa CMS v1.0 - SQL Injection Vulnerability via order_orientation (CVE-2022-24266) |
| 999008 | CVE-2022-24266 | WEB-MISC Cuppa CMS v1.0 - SQL Injection Vulnerability via order_by (CVE-2022-24266) |
| 999009 | CVE-2022-22005 | WEB-MISC Microsoft SharePoint - RCE Via Deserialization of Untrusted Data Vulnerability (CVE-2022-22005) |
| 999010 | CVE-2022-21705 | WEB-MISC OctoberCMS Prior to Build 474 and v1.1.10 - Remote Code Execution Vulnerability (CVE-2022-21705) |
| 999011 | CVE-2022-0557 | WEB-MISC Microweber Prior to 1.2.11 - Remote Code Execution Vulnerability (CVE-2022-0557) |
| 999012 | CVE-2022-0513 | WEB-WORDPRESS WP Statistics Plugin Prior to 13.1.5 - Blind SQL Injection Vulnerability (CVE-2022-0513) |
| 999013 | CVE-2022-0332 | WEB-MISC Moodle 3.11.0 to 3.11.4 - H5P Activity SQL Injection Vulnerability (CVE-2022-0332) |
| 999014 | CVE-2021-46088 | WEB-MISC Zabbix Multiple Versions - Remote Code Execution Vulnerability (CVE-2021-46088) |
| 999015 | CVE-2021-43789 | WEB-MISC PrestaShop Prior to 1.7.8.2 - SQL Injection Vulnerability Via sortOrder (CVE-2021-43789) |
| 999016 | CVE-2021-43789 | WEB-MISC PrestaShop Prior to 1.7.8.2 - SQL Injection Vulnerability Via orderBy (CVE-2021-43789) |
| 999017 | CVE-2021-43408 | WEB-WORDPRESS Duplicate Post Plugin Prior to 1.1.9 - SQL Injection Vulnerability (CVE-2021-43408) |
| 999018 | CVE-2021-43319 | WEB-MISC Zoho ManageEngine NCM Prior to 125488 - OS Command Injection Vulnerability (CVE-2021-43319) |
| 999019 | CVE-2021-41282 | WEB-MISC pfSense 2.5.2 - Remote Code Execution Vulnerability (CVE-2021-41282) |
| 999020 | CVE-2021-39115,CVE-2021-43947 | WEB-MISC Atlassian Jira Server and Data Center - Server Side Template Injection Vulnerability (CVE-2021-39115, CVE-2021-43947) |
| 999021 | CVE-2021-38452 | WEB-MISC Moxa MXview Network Management Prior to 3.2.2 - Path Traversal Vulnerability (CVE-2021-38452) |
| 999022 | CVE-2021-37918 | WEB-MISC Zoho ManageEngine ADManager Plus Prior to 7111 - Path Traversal Vulnerability Via domainName (CVE-2021-37918) |
| 999023 | CVE-2021-37918 | WEB-MISC Zoho ManageEngine ADManager Plus Prior to 7111 - Path Traversal Vulnerability Via bm_operationId (CVE-2021-37918) |
| 999024 | CVE-2021-37918 | WEB-MISC Zoho ManageEngine ADManager Plus Prior to 7111 - RCE Via Arbitrary File Upload Vulnerability (CVE-2021-37918) |
| 999025 | CVE-2021-32649 | WEB-MISC OctoberCMS Prior to Build 473 and v1.1.6 - Remote Code Execution Vulnerability via Twig (CVE-2021-32649) |
| 999026 | CVE-2021-32648 | WEB-MISC OctoberCMS Prior to Build 472 and v1.1.5 - Password Reset Vulnerability (CVE-2021-32648) |
| 999027 | CVE-2021-32099,CVE-2020-26518 | WEB-MISC Artica Pandora Prior to 743 - SQL Injection Vulnerability Via chart_generator (CVE-2021-32099, CVE-2020-26518) |
| 999028 | CVE-2021-32098 | WEB-MISC Artica Pandora Prior to 743 - Phar Deserialization Vulnerability Via progressbubble (CVE-2021-32098) |
| 999029 | CVE-2021-32098 | WEB-MISC Artica Pandora Prior to 743 - Phar Deserialization Vulnerability Via progressbar (CVE-2021-32098) |
| 999030 | CVE-2021-30149 | WEB-MISC Composr 10.0.36 - Remote Code Execution Vulnerability (CVE-2021-30149) |
| 999031 | CVE-2021-25114 | WEB-WORDPRESS Paid Memberships Pro Plugin Prior to 2.6.7 - SQLi Vulnerability Via rest_route and discount_code (CVE-2021-25114) |
| 999032 | CVE-2021-25114 | WEB-WORDPRESS Paid Memberships Pro Plugin Prior to 2.6.7 - SQLi Vulnerability Via wp-json and discount_code (CVE-2021-25114) |
| 999033 | CVE-2021-21984 | WEB-MISC VMware vRealize Business for Cloud 7.x prior to 7.6.0 - Remote Code Execution Vulnerability (CVE-2021-21984) |
已复制!
失败!