ADC

签名更新版本 98

针对在 2022-12-06 周发现的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 98 适用于 NetScaler 11.1、NetScaler 12.0、NetScaler 12.1、NetScaler 13.0、NetScaler 13.1 平台。

注意

启用帖子正文和响应正文签名规则可能会影响 NetScaler CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
998820 CVE-2022-43781 WEB-MISC Atlassian Bitbucket Server Multiple Versions - OS Command Injection Vulnerability (CVE-2022-43781)
998821 CVE-2022-43775 WEB-MISC Delta DIAEnergie - SQL Injection Vulnerability Via HandlerTag_KID (CVE-2022-43775)
998822 CVE-2022-43774 WEB-MISC Delta DIAEnergie - SQL Injection Vulnerability Via HandlerPageP_KID and KID (CVE-2022-43774)
998823 CVE-2022-43774 WEB-MISC Delta DIAEnergie - SQL Injection Vulnerability Via HandlerPageP_KID and HtmlId (CVE-2022-43774)
998824 CVE-2022-42977,CVE-2022-42978 WEB-MISC Netic Confluence User Export App Prior to 1.3.5 - Information Disclosure Vulnerability (CVE-2022-42977, CVE-2022-42978)
998825 CVE-2022-40127 WEB-MISC Apache Airflow Prior To 2.4.0 - Example Dags Command Injection Vulnerability via Api (CVE-2022-40127)
998826 CVE-2022-40127 WEB-MISC Apache Airflow Prior To 2.4.0 - Example Dags Command Injection Vulnerability via Trigger (CVE-2022-40127)
998827 CVE-2022-39298 WEB-MISC Melis Platform Prior to 5.0.1 - MelisFront Arbitrary Deserialization Vulnerability (CVE-2022-39298)
998828 CVE-2022-39297 WEB-MISC Melis Platform Prior to 5.0.1 - MelisCms Arbitrary Deserialization Vulnerability (CVE-2022-39297)
998829 CVE-2022-39296 WEB-MISC Melis Platform Prior to 5.0.1 - MelisAssetManager Arbitrary File Read Vulnerability (CVE-2022-39296)
998830 CVE-2022-38772 WEB-MISC Zoho ManageEngine Multiple Products - OS Command Injection Vulnerability Via configureNmapScanOptions (CVE-2022-38772)
998831 CVE-2022-35933 WEB-MISC Prestashop Productcomments Prior to 5.0.2 - Cross-Site Scripting Vulnerability (CVE-2022-35933)
998832 CVE-2022-3214 WEB-MISC Delta DIAEnergie - Use of Hard-Coded Credentials Vulnerability (CVE-2022-3214)
998833 CVE-2022-24716 WEB-MISC Icinga Web 2 - Arbitrary File Read Vulnerability via icinga-php-library (CVE-2022-24716)
998834 CVE-2022-24716 WEB-MISC Icinga Web 2 - Arbitrary File Read Vulnerability via icinga-php-thirdparty (CVE-2022-24716)
998835 CVE-2022-24715 WEB-MISC Icinga Web 2 - Path Traversal Vulnerability (CVE-2022-24715)
998836 CVE-2022-2139 WEB-MISC Advantech iView Prior to 5.7.04.6469 - Path Traversal Vulnerability Via NetworkServlet URI and filename (CVE-2022-2139)
998837 CVE-2022-2139 WEB-MISC Advantech iView Prior to 5.7.04.6469 - Path Traversal Vulnerability Via CommandServlet URI and filename (CVE-2022-2139)
998838 CVE-2021-39144 WEB-MISC VMware Cloud Foundation 3.x - Remote Code Execution Vulnerability via XStream (CVE-2021-39144)
998839 CVE-2021-35220 WEB-MISC SolarWinds Orion Prior to 2020.2.6 HF1 - RCE Vulnerability Via EmailWebPage and TestAction (CVE-2021-35220)
998840 CVE-2021-35220 WEB-MISC SolarWinds Orion Prior to 2020.2.6 HF1 - RCE Vulnerability Via EmailWebPage Create or Update (CVE-2021-35220)
签名更新版本 98