ADC

签名更新版本 92

针对2022-09-22周发现的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 92 适用于 NetScaler 11.1、NetScaler 12.0、NetScaler 12.1、NetScaler 13.0、NetScaler 13.1 平台。

注意

启用帖子正文和响应正文签名规则可能会影响 NetScaler CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
998884 CVE-2022-38130 WEB-MISC Keysight SMS Prior to 2.4.1 - Arbitrary File Upload Vulnerability Allows SQL Injection (CVE-2022-38130)
998885 CVE-2022-35741 WEB-MISC Apache Cloudstack Prior to 4.16.1.1 - XML External Entity Injection Vulnerability Via SAMLResponse (CVE-2022-35741)
998886 CVE-2022-35650 WEB-MISC Moodle Multiple Versions - Path Traversal Vulnerability Via Blackboard Questions (CVE-2022-35650)
998887 CVE-2022-32551 WEB-MISC Zoho ManageEngine ServiceDesk MSP Prior to 10604 - Unauthenticated Information Disclosure Via /WEB-INF (CVE-2022-32551)
998888 CVE-2022-31675 WEB-MISC VMware vRealize Operations Manager - Authentication Bypass Vulnerability (CVE-2022-31675)
998889 CVE-2022-31674 WEB-MISC VMware vRealize Operations Manager - Information Disclosure Vulnerability (CVE-2022-31674)
998890 CVE-2022-31656 WEB-MISC VMware Workspace ONE Access - Authentication Bypass Vulnerability (CVE-2022-31656)
998891 CVE-2022-31474 WEB-WORDPRESS BackupBuddy Plugin Prior to 8.7.5 - Information Disclosure Via backupbuddy_local_download (CVE-2022-31474)
998892 CVE-2022-31137,CVE-2022-31126 WEB-MISC Roxy-wi Prior To 6.1.1.0 - Multiple Command Injection Vulnerabilities (CVE-2022-31137, CVE-2022-31126)
998893 CVE-2022-28731 WEB-MISC Apache JSPWiki Prior to 2.11.3 - Server Side Request Forgery Vulnerability (CVE-2022-28731)
998894 CVE-2022-2551 WEB-WORDPRESS Duplicator Plugin Prior to 1.4.7.1 - Unauthenticated Backup Download Vulnerability (CVE-2022-2551)
998895 CVE-2022-2546 WEB-WORDPRESS All-in-One WP Migration Plugin Prior to 7.63 - Reflected XSS Vulnerability Via ai1wm_export (CVE-2022-2546)
998896 CVE-2022-2546 WEB-WORDPRESS All-in-One WP Migration Plugin Prior to 7.63 - Reflected XSS Vulnerability Via ai1wm_import (CVE-2022-2546)
998897 CVE-2022-24948 WEB-MISC Apache JSPWiki Prior to 2.11.2 - XSS Vulnerability (CVE-2022-24948)
998898 CVE-2022-2139 WEB-MISC Advantech iView Prior to 5.7.04.6469 - Path Traversal Vulnerability Via MenuServlet URI and page (CVE-2022-2139)
998899 CVE-2022-2139 WEB-MISC Advantech iView Prior to 5.7.04.6469 - Path Traversal Vulnerability Via CommandServlet URI and page (CVE-2022-2139)
998900 CVE-2022-2139 WEB-MISC Advantech iView Prior to 5.7.04.6469 - Path Traversal Vulnerability Via CommandServlet URI and filename (CVE-2022-2139)
998901 CVE-2022-2139 WEB-MISC Advantech iView Prior to 5.7.04.6469 - Path Traversal Vulnerability Via NetworkServlet URI and filename (CVE-2022-2139)
998902 CVE-2022-0817 WEB-WORDPRESS BadgeOS Plugin Prior to 3.7.1 - SQLi Vulnerability Via get-earned-achievements and exclude (CVE-2022-0817)
998903 CVE-2022-0817 WEB-WORDPRESS BadgeOS Plugin Prior to 3.7.1 - SQLi Vulnerability Via get-earned-achievements and include (CVE-2022-0817)
998904 CVE-2022-0817 WEB-WORDPRESS BadgeOS Plugin Prior to 3.7.1 - SQLi Vulnerability Via get-earned-achievements and order (CVE-2022-0817)
998905 CVE-2022-0817 WEB-WORDPRESS BadgeOS Plugin Prior to 3.7.1 - SQLi Vulnerability Via get-earned-achievements and orderby (CVE-2022-0817)
998906 CVE-2022-0817 WEB-WORDPRESS BadgeOS Plugin Prior to 3.7.1 - SQLi Vulnerability Via get-earned-achievements and offset (CVE-2022-0817)
998907 CVE-2022-0817 WEB-WORDPRESS BadgeOS Plugin Prior to 3.7.1 - SQLi Vulnerability Via get-earned-achievements and limit (CVE-2022-0817)
998908 CVE-2018-20062,CVE-2019-9082 WEB-MISC ThinkPHP 5.x Prior to 5.1.32 - Unauthenticated Remote Code Execution Vulnerability (CVE-2018-20062, CVE-2019-9082)
签名更新版本 92