签名更新版本 98
针对在 2022-12-06 周发现的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。
签名版本
签名版本 98 适用于 NetScaler 11.1、NetScaler 12.0、NetScaler 12.1、NetScaler 13.0、NetScaler 13.1 平台。
注意
启用帖子正文和响应正文签名规则可能会影响 NetScaler CPU。
常见漏洞条目 (CVE) 见解
以下是签名规则、CVE ID 及其描述的列表。
| 签名规则 | CVE ID | 说明 |
|---|---|---|
| 998820 | CVE-2022-43781 | WEB-MISC Atlassian Bitbucket Server Multiple Versions - OS Command Injection Vulnerability (CVE-2022-43781) |
| 998821 | CVE-2022-43775 | WEB-MISC Delta DIAEnergie - SQL Injection Vulnerability Via HandlerTag_KID (CVE-2022-43775) |
| 998822 | CVE-2022-43774 | WEB-MISC Delta DIAEnergie - SQL Injection Vulnerability Via HandlerPageP_KID and KID (CVE-2022-43774) |
| 998823 | CVE-2022-43774 | WEB-MISC Delta DIAEnergie - SQL Injection Vulnerability Via HandlerPageP_KID and HtmlId (CVE-2022-43774) |
| 998824 | CVE-2022-42977,CVE-2022-42978 | WEB-MISC Netic Confluence User Export App Prior to 1.3.5 - Information Disclosure Vulnerability (CVE-2022-42977, CVE-2022-42978) |
| 998825 | CVE-2022-40127 | WEB-MISC Apache Airflow Prior To 2.4.0 - Example Dags Command Injection Vulnerability via Api (CVE-2022-40127) |
| 998826 | CVE-2022-40127 | WEB-MISC Apache Airflow Prior To 2.4.0 - Example Dags Command Injection Vulnerability via Trigger (CVE-2022-40127) |
| 998827 | CVE-2022-39298 | WEB-MISC Melis Platform Prior to 5.0.1 - MelisFront Arbitrary Deserialization Vulnerability (CVE-2022-39298) |
| 998828 | CVE-2022-39297 | WEB-MISC Melis Platform Prior to 5.0.1 - MelisCms Arbitrary Deserialization Vulnerability (CVE-2022-39297) |
| 998829 | CVE-2022-39296 | WEB-MISC Melis Platform Prior to 5.0.1 - MelisAssetManager Arbitrary File Read Vulnerability (CVE-2022-39296) |
| 998830 | CVE-2022-38772 | WEB-MISC Zoho ManageEngine Multiple Products - OS Command Injection Vulnerability Via configureNmapScanOptions (CVE-2022-38772) |
| 998831 | CVE-2022-35933 | WEB-MISC Prestashop Productcomments Prior to 5.0.2 - Cross-Site Scripting Vulnerability (CVE-2022-35933) |
| 998832 | CVE-2022-3214 | WEB-MISC Delta DIAEnergie - Use of Hard-Coded Credentials Vulnerability (CVE-2022-3214) |
| 998833 | CVE-2022-24716 | WEB-MISC Icinga Web 2 - Arbitrary File Read Vulnerability via icinga-php-library (CVE-2022-24716) |
| 998834 | CVE-2022-24716 | WEB-MISC Icinga Web 2 - Arbitrary File Read Vulnerability via icinga-php-thirdparty (CVE-2022-24716) |
| 998835 | CVE-2022-24715 | WEB-MISC Icinga Web 2 - Path Traversal Vulnerability (CVE-2022-24715) |
| 998836 | CVE-2022-2139 | WEB-MISC Advantech iView Prior to 5.7.04.6469 - Path Traversal Vulnerability Via NetworkServlet URI and filename (CVE-2022-2139) |
| 998837 | CVE-2022-2139 | WEB-MISC Advantech iView Prior to 5.7.04.6469 - Path Traversal Vulnerability Via CommandServlet URI and filename (CVE-2022-2139) |
| 998838 | CVE-2021-39144 | WEB-MISC VMware Cloud Foundation 3.x - Remote Code Execution Vulnerability via XStream (CVE-2021-39144) |
| 998839 | CVE-2021-35220 | WEB-MISC SolarWinds Orion Prior to 2020.2.6 HF1 - RCE Vulnerability Via EmailWebPage and TestAction (CVE-2021-35220) |
| 998840 | CVE-2021-35220 | WEB-MISC SolarWinds Orion Prior to 2020.2.6 HF1 - RCE Vulnerability Via EmailWebPage Create or Update (CVE-2021-35220) |
本内容的正式版本为英文版。部分 Cloud Software Group 文档内容采用了机器翻译,仅供您参考。Cloud Software Group 无法控制机器翻译的内容,这些内容可能包含错误、不准确或不合适的语言。对于从英文原文翻译成任何其他语言的内容的准确性、可靠性、适用性或正确性,或者您的 Cloud Software Group 产品或服务沿用了任何机器翻译的内容,我们均不作任何明示或暗示的保证,并且适用的最终用户许可协议或服务条款或者与 Cloud Software Group 签订的任何其他协议(产品或服务与已进行机器翻译的任何文档保持一致)下的任何保证均不适用。对于因使用机器翻译的内容而引起的任何损害或问题,Cloud Software Group 不承担任何责任。
签名更新版本 98
已复制!
失败!