签名更新版本 104
针对2023-03-28周发现的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。
签名版本
签名版本 104 适用于 NetScaler 11.1、NetScaler 12.0、Citrix ADC 12.1、Citrix ADC 13.0、Citrix ADC 13.1 平台。
注意
启用帖子正文和响应正文签名规则可能会影响 Citrix ADC CPU。
常见漏洞条目 (CVE) 见解
以下是签名规则、CVE ID 及其描述的列表。
| 签名规则 | CVE ID | 说明 |
|---|---|---|
| 998737 | CVE-2023-25135 | WEB-MISC vBulletin Mutiple Version - PHP Object Injection Vulnerability via searchprefs (CVE-2023-25135) |
| 998738 | CVE-2023-25135 | WEB-MISC vBulletin Mutiple Version - PHP Object Injection Vulnerability via pmfolders (CVE-2023-25135) |
| 998739 | CVE-2023-25135 | WEB-MISC vBulletin Mutiple Version - PHP Object Injection Vulnerability via subfolders (CVE-2023-25135) |
| 998740 | CVE-2023-23752 | WEB-MISC Joomla! 4.x up to 4.2.7 - API Improper Access Check Vulnerability (CVE-2023-23752) |
| 998741 | CVE-2023-22974 | WEB-MISC OpenEMR Prior To 7.0.0 - Information Disclosure Vulnerability (CVE-2023-22974) |
| 998742 | CVE-2023-22952 | WEB-MISC SugarCRM before 12.0 Hotfix 91155 - EmailTemplates PHP Code Injection Vulnerability (CVE-2023-22952) |
| 998743 | CVE-2023-22374 | WEB-MISC F5 BIG-IP Multiple Versions - Format String Vulnerability (CVE-2023-22374) |
| 998744 | CVE-2023-20858 | WEB-MISC VMware Carbon Black App Control Multiple Versions - SQL Injection Vulnerability (CVE-2023-20858) |
| 998745 | CVE-2022-47002,CVE-2022-47003 | WEB-MISC Mura CMS and Masa CMS - Authentication Bypass Vulnerability (CVE-2022-47002, CVE-2022-47003) |
| 998746 | CVE-2022-4506 | WEB-MISC OpenEMR Prior To 7.0.0.2 - Arbitrary File Upload Vulnerability (CVE-2022-4506) |
| 998747 | CVE-2022-44298 | WEB-MISC SiteServer CMS Prior to 7.2.0 - SQL Injection Vulnerability (CVE-2022-44298) |
| 998748 | CVE-2022-44297 | WEB-MISC SiteServer CMS Prior to 7.2.0 - SQL Injection Vulnerability (CVE-2022-44297) |
| 998749 | CVE-2022-43709 | WEB-MISC MyBB Prior to 1.8.32 - SQL Injection Vulnerability (CVE-2022-43709) |
| 998750 | CVE-2022-40300 | WEB-MISC Zoho ManageEngine PasswordManagerPro, PAM360 and AccessManagerPlus have SQL injection vulnerabilities.(CVE-2022-40300) |
| 998751 | CVE-2022-36633 | WEB-MISC Teleport 9.3.6 - Command Injection (CVE-2022-36633) |
| 998752 | CVE-2022-35947 | WEB-MISC GLPI Up to 10.0.2 - SQL Injection Vulnerability via JSON (CVE-2022-35947) |
| 998753 | CVE-2022-35947 | WEB-MISC GLPI Up to 10.0.2 - SQL Injection Vulnerability via Form (CVE-2022-35947) |
| 998754 | CVE-2022-35914 | WEB-MISC GLPI Up to 10.0.2 - PHP Code Injection Vulnerability in htmLawedTest (CVE-2022-35914) |
| 998755 | CVE-2022-30547 | WEB-MISC WWBN AVideo Path Travesal (CVE-2022-30547) |
| 998756 | CVE-2022-24734 | WEB-MISC MyBB Prior to 1.8.30 - Remote Code Execution Vulnerability (CVE-2022-24734) |
| 998757 | CVE-2020-17496 | WEB-MISC vBulletin 5.5.4 through 5.6.2 - Remote Code Execution Vulnerability via routestring (CVE-2020-17496) |
| 998758 | CVE-2020-17496 | WEB-MISC vBulletin 5.5.4 through 5.6.2 - Remote Code Execution Vulnerability (CVE-2020-17496) |
| 998759 | CVE-2019-16759 | WEB-MISC vBulletin 5.x through 5.5.4 - Remote Code Execution Vulnerability via routestring (CVE-2019-16759) |
| 998760 | CVE-2019-16759 | WEB-MISC vBulletin 5.x through 5.5.4 - Remote Code Execution Vulnerability (CVE-2019-16759) |
本内容的正式版本为英文版。部分 Cloud Software Group 文档内容采用了机器翻译,仅供您参考。Cloud Software Group 无法控制机器翻译的内容,这些内容可能包含错误、不准确或不合适的语言。对于从英文原文翻译成任何其他语言的内容的准确性、可靠性、适用性或正确性,或者您的 Cloud Software Group 产品或服务沿用了任何机器翻译的内容,我们均不作任何明示或暗示的保证,并且适用的最终用户许可协议或服务条款或者与 Cloud Software Group 签订的任何其他协议(产品或服务与已进行机器翻译的任何文档保持一致)下的任何保证均不适用。对于因使用机器翻译的内容而引起的任何损害或问题,Cloud Software Group 不承担任何责任。
已复制!
失败!