签名更新版本 78
针对在 2022-03-29 周发现的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞的攻击。
签名版本
签名版本 78 适用于 NetScaler 11.1、NetScaler 12.0、NetScaler 12.1、NetScaler 13.0、NetScaler 13.1 平台。
注意:
启用发布主体和响应主体签名规则可能会影响 NetScaler CPU。
常见漏洞条目 (CVE) 见解
以下是签名规则、CVE ID 及其描述的列表。
| 签名规则 | CVE ID | 说明 |
|---|---|---|
| 999006 | WEB-MISC Zabbix 多个版本-通过 items.php 进行的远程代码执行漏洞 | |
| 999007 | CVE-2022-24266 | WEB-MISC Cuppa CMS v1.0 - SQL Injection Vulnerability via order_orientation (CVE-2022-24266) |
| 999008 | CVE-2022-24266 | WEB-MISC Cuppa CMS v1.0 - SQL Injection Vulnerability via order_by (CVE-2022-24266) |
| 999009 | CVE-2022-22005 | WEB-MISC Microsoft SharePoint - RCE Via Deserialization of Untrusted Data Vulnerability (CVE-2022-22005) |
| 999010 | CVE-2022-21705 | WEB-MISC OctoberCMS Prior to Build 474 and v1.1.10 - Remote Code Execution Vulnerability (CVE-2022-21705) |
| 999011 | CVE-2022-0557 | WEB-MISC Microweber Prior to 1.2.11 - Remote Code Execution Vulnerability (CVE-2022-0557) |
| 999012 | CVE-2022-0513 | WEB-WORDPRESS WP Statistics Plugin Prior to 13.1.5 - Blind SQL Injection Vulnerability (CVE-2022-0513) |
| 999013 | CVE-2022-0332 | WEB-MISC Moodle 3.11.0 to 3.11.4 - H5P Activity SQL Injection Vulnerability (CVE-2022-0332) |
| 999014 | CVE-2021-46088 | WEB-MISC Zabbix Multiple Versions - Remote Code Execution Vulnerability (CVE-2021-46088) |
| 999015 | CVE-2021-43789 | WEB-MISC PrestaShop Prior to 1.7.8.2 - SQL Injection Vulnerability Via sortOrder (CVE-2021-43789) |
| 999016 | CVE-2021-43789 | WEB-MISC PrestaShop Prior to 1.7.8.2 - SQL Injection Vulnerability Via orderBy (CVE-2021-43789) |
| 999017 | CVE-2021-43408 | WEB-WORDPRESS Duplicate Post Plugin Prior to 1.1.9 - SQL Injection Vulnerability (CVE-2021-43408) |
| 999018 | CVE-2021-43319 | WEB-MISC Zoho ManageEngine NCM Prior to 125488 - OS Command Injection Vulnerability (CVE-2021-43319) |
| 999019 | CVE-2021-41282 | WEB-MISC pfSense 2.5.2 - Remote Code Execution Vulnerability (CVE-2021-41282) |
| 999020 | CVE-2021-39115,CVE-2021-43947 | WEB-MISC Atlassian Jira Server and Data Center - Server Side Template Injection Vulnerability (CVE-2021-39115, CVE-2021-43947) |
| 999021 | CVE-2021-38452 | WEB-MISC Moxa MXview Network Management Prior to 3.2.2 - Path Traversal Vulnerability (CVE-2021-38452) |
| 999022 | CVE-2021-37918 | WEB-MISC Zoho ManageEngine ADManager Plus Prior to 7111 - Path Traversal Vulnerability Via domainName (CVE-2021-37918) |
| 999023 | CVE-2021-37918 | WEB-MISC Zoho ManageEngine ADManager Plus Prior to 7111 - Path Traversal Vulnerability Via bm_operationId (CVE-2021-37918) |
| 999024 | CVE-2021-37918 | WEB-MISC Zoho ManageEngine ADManager Plus Prior to 7111 - RCE Via Arbitrary File Upload Vulnerability (CVE-2021-37918) |
| 999025 | CVE-2021-32649 | WEB-MISC OctoberCMS Prior to Build 473 and v1.1.6 - Remote Code Execution Vulnerability via Twig (CVE-2021-32649) |
| 999026 | CVE-2021-32648 | WEB-MISC OctoberCMS Prior to Build 472 and v1.1.5 - Password Reset Vulnerability (CVE-2021-32648) |
| 999027 | CVE-2021-32099,CVE-2020-26518 | WEB-MISC Artica Pandora Prior to 743 - SQL Injection Vulnerability Via chart_generator (CVE-2021-32099, CVE-2020-26518) |
| 999028 | CVE-2021-32098 | WEB-MISC Artica Pandora Prior to 743 - Phar Deserialization Vulnerability Via progressbubble (CVE-2021-32098) |
| 999029 | CVE-2021-32098 | WEB-MISC Artica Pandora Prior to 743 - Phar Deserialization Vulnerability Via progressbar (CVE-2021-32098) |
| 999030 | CVE-2021-30149 | WEB-MISC Composr 10.0.36 - Remote Code Execution Vulnerability (CVE-2021-30149) |
| 999031 | CVE-2021-25114 | WEB-WORDPRESS Paid Memberships Pro Plugin Prior to 2.6.7 - SQLi Vulnerability Via rest_route and discount_code (CVE-2021-25114) |
| 999032 | CVE-2021-25114 | WEB-WORDPRESS Paid Memberships Pro Plugin Prior to 2.6.7 - SQLi Vulnerability Via wp-json and discount_code (CVE-2021-25114) |
| 999033 | CVE-2021-21984 | WEB-MISC VMware vRealize Business for Cloud 7.x prior to 7.6.0 - Remote Code Execution Vulnerability (CVE-2021-21984) |
本内容的正式版本为英文版。部分 Cloud Software Group 文档内容采用了机器翻译,仅供您参考。Cloud Software Group 无法控制机器翻译的内容,这些内容可能包含错误、不准确或不合适的语言。对于从英文原文翻译成任何其他语言的内容的准确性、可靠性、适用性或正确性,或者您的 Cloud Software Group 产品或服务沿用了任何机器翻译的内容,我们均不作任何明示或暗示的保证,并且适用的最终用户许可协议或服务条款或者与 Cloud Software Group 签订的任何其他协议(产品或服务与已进行机器翻译的任何文档保持一致)下的任何保证均不适用。对于因使用机器翻译的内容而引起的任何损害或问题,Cloud Software Group 不承担任何责任。
签名更新版本 78
已复制!
失败!