ADC

2023 年 1 月的签名更新

针对 2023-01-24 周发现的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 101 适用于 NetScaler VPX 11.1、NetScaler 12.0、Citrix ADC 12.1、Citrix ADC 13.0、Citrix ADC 13.1 平台。

注意

启用帖子正文和响应正文签名规则可能会影响 Citrix ADC CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
998790 CVE-2022-43452 WEB-MISC Delta Electronics DIAEnergie - SQL Injection Vulnerability Via Data Item Row Deletion (CVE-2022-43452)
998791 CVE-2022-43452 WEB-MISC Delta Electronics DIAEnergie - SQL Injection Vulnerability Via Data Type Row Deletion (CVE-2022-43452)
998792 CVE-2022-41080 WEB-MISC Microsoft Exchange Server - OWA Server Side Request Forgery Vulnerability (CVE-2022-41080)
998793 CVE-2022-40309 WEB-MISC Apache Archiva Prior to 2.2.9 - Arbitrary Directory Removal Vulnerability (CVE-2022-40309)
998794 CVE-2022-40308 WEB-MISC Apache Archiva Prior to 2.2.9 - Arbitrary File Read Vulnerability (CVE-2022-40308)
998795 CVE-2022-36962 WEB-MISC SolarWinds Platform Prior to 2022.4 - RCE Vulnerability Via SaveToDisk Create or Update (CVE-2022-36962)
998796 CVE-2022-36962 WEB-MISC SolarWinds Platform Prior to 2022.4 - RCE Vulnerability Via EmailUrl Create or Update (CVE-2022-36962)
998797 CVE-2022-3361 WEB-WORDPRESS WordPress Plugin Ultimate Member Prior to 2.5.1 - Directory Traversal (CVE-2022-3361)
998798 CVE-2022-24254 WEB-MISC Extensis Portfolio Prior to 4.0.1 - Arbitrary File Upload Vulnerability Via Backup Restore (CVE-2022-24254)
998799 CVE-2022-24253 WEB-MISC Extensis Portfolio Prior to 4.0.1 - Path Traversal Vulnerability Via brandingUpload (CVE-2022-24253)
998800 CVE-2022-0224 WEB-MISC Dolibarr Prior to 14.0.6 - SQL Injection Vulnerability (CVE-2022-0224)
998801 CVE-2021-35232 WEB-MISC SolarWinds Web Help Desk Prior to 12.7.7 Hotfix 1 - Use of Hard-Coded Credentials Vulnerability (CVE-2021-35232)
2023 年 1 月的签名更新