ADC

签名更新版本 105

针对在 2023-04-18 周发现的漏洞,将生成新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 105 适用于 NetScaler 11.1、NetScaler 12.0、Citrix ADC 12.1、Citrix ADC 13.0、NetScaler 13.1、NetScaler 14.1 平台。

注意

启用帖子正文和响应正文签名规则可能会影响 Citrix ADC CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
998722 CVE-2023-28432 WEB-MISC MinIO Prior to RELEASE.2023-03-20T20-16-18Z - Information Disclosure Vulnerability (CVE-2023-28432)
998723 CVE-2023-25802 WEB-MISC Roxy-WI Prior to 6.3.7.0 - Path Traversal Vulnerability (CVE-2023-25802)
998724 CVE-2023-23488 WEB-WORDPRESS Paid Memberships Pro Prior to 2.9.8 - REST_ROUTE Unauthenticated SQL Injection Vulnerability (CVE-2023-23488)
998725 CVE-2023-23488 WEB-WORDPRESS Paid Memberships Pro Prior to 2.9.8 - REST API Unauthenticated SQL Injection Vulnerability (CVE-2023-23488)
998726 CVE-2023-1658 WEB-MISC Contec CONPROSYS HMI System Prior to 3.5.2 - Pre-Auth SQL Injection Vulnerability (CVE-2023-1658)
998727 CVE-2023-0955 WEB-WORDPRESS WP Statistics Plugin Prior to 14.0 - REST_ROUTE SQL Injection Vulnerability Via ID (CVE-2023-0955)
998728 CVE-2023-0955 WEB-WORDPRESS WP Statistics Plugin Prior to 14.0 - REST API SQL Injection Vulnerability Via ID (CVE-2023-0955)
998729 CVE-2023-0955 WEB-WORDPRESS WP Statistics Plugin Prior to 14.0 - REST_ROUTE SQL Injection Vulnerability Via type (CVE-2023-0955)
998730 CVE-2023-0955 WEB-WORDPRESS WP Statistics Plugin Prior to 14.0 - REST API SQL Injection Vulnerability Via type (CVE-2023-0955)
998731 CVE-2023-0669 WEB-MISC Fortra GoAnywhere MFT Prior to 7.1.2 - Unauthenticated Remote Code Execution Vulnerability (CVE-2023-0669)
998732 CVE-2022-24697 WEB-MISC Apache Kylin - Command Injection Vulnerability Via Configuration Overwrites (CVE-2022-24697)
998733 CVE-2022-21587 WEB-MISC Oracle Web Applications Desktop Integrator - Path Traveral Vulnerability Via BneOfflineLOVService (CVE-2022-21587)
998734 CVE-2022-21587 WEB-MISC Oracle Web Applications Desktop Integrator - Path Traveral Vulnerability Via BneDownloadService (CVE-2022-21587)
998735 CVE-2022-21587 WEB-MISC Oracle Web Applications Desktop Integrator - Path Traveral Vulnerability Via BneViewerXMLService (CVE-2022-21587)
998736 CVE-2022-21587 WEB-MISC Oracle Web Applications Desktop Integrator - Path Traveral Vulnerability Via BneUploaderService (CVE-2022-21587)
签名更新版本 105