ADC

签名更新版本 93

针对在 2022-10-02 周发现的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 93 适用于 NetScaler 11.1、NetScaler 12.0、NetScaler 12.1、NetScaler 13.0、NetScaler 13.1 平台。

注意

启用帖子正文和响应正文签名规则可能会影响 NetScaler CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
998871 CVE-2022-41082,CVE-2022-41040 WEB-MISC Microsoft Exchange Server - RCE Vulnerability (CVE-2022-41082, CVE-2022-41040)
998872 CVE-2022-37299 WEB-MISC Shirne CMS 1.2.0 - Path Traversal Vulnerability Via /static/ueditor/php/controller.php (CVE-2022-37299)
998873 CVE-2022-36923 WEB-MISC Zoho ManageEngine Multiple Products Multiple Versions - Authentication Bypass Vulnerability (CVE-2022-36923)
998874 CVE-2022-33891 WEB-MISC Apache Spark UI Multiple Versions - Remote Code Execution Vulnerability Via doAs Parameter (CVE-2022-33891)
998875 CVE-2022-3184,CVE-2022-3183 WEB-MISC DataProbe iBoot-PDU Prior to 1.42.06162022 - Remote Code Execution Vulnerability (CVE-2022-3184, CVE-2022-3183)
998876 CVE-2022-31814 WEB-MISC pfSense pfBlockerNG Prior to 2.1.4_26 - Remote Code Execution Vulnerability (CVE-2022-31814)
998877 CVE-2022-31097 WEB-MISC Apache Grafana - Unified Alerting Stored XSS Vulnerability (CVE-2022-31097)
998878 CVE-2022-2903 WEB-WORDPRESS NinjaForms Plugin Prior to 3.6.13 - PHP Object Injection Vulnerability (CVE-2022-2903)
998879 CVE-2022-2552 WEB-WORDPRESS Duplicator Plugin Prior to 1.4.7.1 - Unauthenticated Information Disclosure Vulnerability (CVE-2022-2552)
998880 CVE-2022-23854 WEB-MISC AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal Vulnerability Via SG URI (CVE-2022-23854)
998881 CVE-2022-23854 WEB-MISC AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal Vulnerability Via Blaze URI (CVE-2022-23854)
998882 CVE-2022-23854 WEB-MISC AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal Vulnerability Via AccessAnywhere URI (CVE-2022-23854)
998883 CVE-2017-9841 WEB-MISC PHPUnit Before 4.8.28 and 5.x Before 5.6.3 - Remote Code Execution Vulnerability Via eval-stdin.php (CVE-2017-9841)

合并和更新的签名规则

一些多余的签名规则被删除,这些规则的 CVE ID 合并到更新的规则中。确保为每个已删除的规则启用相应的签名规则。

下表列出了合并和更新的签名规则 ID:

已删除的签名规则 更新的签名规则 CVE ID
1242 1243 CVE-2000-0071
1245 1244 CVE-2000-0071
1589 1221 CVE-2001-0224、NESSUS-10609
1648 832 CVE-1999-0509、NESSUS-10173、www.cert.org/advisories/CA-1996-11.html
1700 821 CVE-1999-0951、NESSUS-10122
2598 2597 CVE-2004-0600
999779 999721 CVE-2019-14994
999861 999859 CVE-2019-12099
999862 999857 https://www.wordfence.com/blog/2019/05s-command-injection-vulnerability-patched-in-wp-database-backup-plugin/
999863 999858 https://www.wordfence.com/blog/2019/05/privilege-escalation-flaw-present-in-slick-popup-plugin/
签名更新版本 93