ADC

签名更新版本 104

针对2023-03-28周发现的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 104 适用于 NetScaler 11.1、NetScaler 12.0、Citrix ADC 12.1、Citrix ADC 13.0、Citrix ADC 13.1 平台。

注意

启用帖子正文和响应正文签名规则可能会影响 Citrix ADC CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
998737 CVE-2023-25135 WEB-MISC vBulletin Mutiple Version - PHP Object Injection Vulnerability via searchprefs (CVE-2023-25135)
998738 CVE-2023-25135 WEB-MISC vBulletin Mutiple Version - PHP Object Injection Vulnerability via pmfolders (CVE-2023-25135)
998739 CVE-2023-25135 WEB-MISC vBulletin Mutiple Version - PHP Object Injection Vulnerability via subfolders (CVE-2023-25135)
998740 CVE-2023-23752 WEB-MISC Joomla! 4.x up to 4.2.7 - API Improper Access Check Vulnerability (CVE-2023-23752)
998741 CVE-2023-22974 WEB-MISC OpenEMR Prior To 7.0.0 - Information Disclosure Vulnerability (CVE-2023-22974)
998742 CVE-2023-22952 WEB-MISC SugarCRM before 12.0 Hotfix 91155 - EmailTemplates PHP Code Injection Vulnerability (CVE-2023-22952)
998743 CVE-2023-22374 WEB-MISC F5 BIG-IP Multiple Versions - Format String Vulnerability (CVE-2023-22374)
998744 CVE-2023-20858 WEB-MISC VMware Carbon Black App Control Multiple Versions - SQL Injection Vulnerability (CVE-2023-20858)
998745 CVE-2022-47002,CVE-2022-47003 WEB-MISC Mura CMS and Masa CMS - Authentication Bypass Vulnerability (CVE-2022-47002, CVE-2022-47003)
998746 CVE-2022-4506 WEB-MISC OpenEMR Prior To 7.0.0.2 - Arbitrary File Upload Vulnerability (CVE-2022-4506)
998747 CVE-2022-44298 WEB-MISC SiteServer CMS Prior to 7.2.0 - SQL Injection Vulnerability (CVE-2022-44298)
998748 CVE-2022-44297 WEB-MISC SiteServer CMS Prior to 7.2.0 - SQL Injection Vulnerability (CVE-2022-44297)
998749 CVE-2022-43709 WEB-MISC MyBB Prior to 1.8.32 - SQL Injection Vulnerability (CVE-2022-43709)
998750 CVE-2022-40300 WEB-MISC Zoho ManageEngine PasswordManagerPro, PAM360 and AccessManagerPlus have SQL injection vulnerabilities.(CVE-2022-40300)
998751 CVE-2022-36633 WEB-MISC Teleport 9.3.6 - Command Injection (CVE-2022-36633)
998752 CVE-2022-35947 WEB-MISC GLPI Up to 10.0.2 - SQL Injection Vulnerability via JSON (CVE-2022-35947)
998753 CVE-2022-35947 WEB-MISC GLPI Up to 10.0.2 - SQL Injection Vulnerability via Form (CVE-2022-35947)
998754 CVE-2022-35914 WEB-MISC GLPI Up to 10.0.2 - PHP Code Injection Vulnerability in htmLawedTest (CVE-2022-35914)
998755 CVE-2022-30547 WEB-MISC WWBN AVideo Path Travesal (CVE-2022-30547)
998756 CVE-2022-24734 WEB-MISC MyBB Prior to 1.8.30 - Remote Code Execution Vulnerability (CVE-2022-24734)
998757 CVE-2020-17496 WEB-MISC vBulletin 5.5.4 through 5.6.2 - Remote Code Execution Vulnerability via routestring (CVE-2020-17496)
998758 CVE-2020-17496 WEB-MISC vBulletin 5.5.4 through 5.6.2 - Remote Code Execution Vulnerability (CVE-2020-17496)
998759 CVE-2019-16759 WEB-MISC vBulletin 5.x through 5.5.4 - Remote Code Execution Vulnerability via routestring (CVE-2019-16759)
998760 CVE-2019-16759 WEB-MISC vBulletin 5.x through 5.5.4 - Remote Code Execution Vulnerability (CVE-2019-16759)
签名更新版本 104