签名更新版本 47
针对2020-06-12当周发现的漏洞,将生成新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。
签名版本
签名版本 47 与以下软件版本的 Citrix 应用程序Delivery Controller (ADC) 11.1、12.0、12.1、13.0 和 13.1 兼容。
Citrix ADC 12.0 版本已达到生命周期终止 (EOL)。有关更多信息,请参阅 发布生命周期 页面。
注意:
启用帖子正文和响应正文签名规则可能会影响 Citrix ADC CPU。
常见漏洞条目 (CVE) 见解
以下是签名规则、CVE ID 及其描述的列表。
| 签名规则 | CVE ID | 说明 |
|---|---|---|
| 999580 | CVE-2020-6010 | WEB-WORDPRESS LearnPress LMS plug-in Prior to 3.2.6.9 - SQL Injection Vulnerability (CVE-2020-6010) |
| 999581 | WEB-MISC Nagios XI Up To 5.6.13 - Service Command_Test Arbitrary Command Execution Vulnerability | |
| 999582 | CVE-2020-0932 | Microsoft SharePoint Server - WebPart Source Markup Remote Code Execution Vulnerability Via SOAP 1.2 (CVE-2020-0932) |
| 999583 | CVE-2020-0932 | Microsoft SharePoint Server - WebPart Source Markup Remote Code Execution Vulnerability Via SOAP 1.1 (CVE-2020-0932) |
| 999584 | CVE-2020-12642 | WEB-WORDPRESS Ninja Forms plug-in Prior to 3.4.24.2 - Cross-Site Request Forgery Vulnerability via Import Fields (CVE-2020-12642) |
| 999585 | CVE-2020-12642 | WEB-WORDPRESS Ninja Forms plug-in Prior to 3.4.24.2 - Cross-Site Request Forgery Vulnerability via Import Form (CVE-2020-12642) |
| 999586 | CVE-2020-11450 | WEB-MISC Microstrategy Web 10.4 - Information Disclosure Vulnerability (CVE-2020-11450) |
| 999587 | CVE-2020-7935 | WEB-MISC Artica Pandora FMS 7.0 - Unrestricted Upload of File With Dangerous Type Vulnerability Allows RCE (CVE-2020-7935) |
| 999588 | CVE-2020-12116 | WEB-MISC Zoho ManageEngine OpManager Prior to Build 125125 - Information Disclosure Vulnerability (CVE-2020-12116) |
| 999589 | WEB-WORDPRESS Elementor Page Builder Prior to 2.9.6 - Privilege Escalation Vulnerability | |
| 999590 | CVE-2020-11738 | WEB-WORDPRESS - Snap Creek Duplicator plug-in Prior to 1.3.28 - Path Traversal Vulnerability (CVE-2020-11738) |
| 999591 | CVE-2020-10389 | WEB-MISC Chadha PHPKB Standard Multi-Language 9 - Remote Code Execution vulnerability (CVE-2020-10389) |
| 999592 | CVE-2020-11516 | WEB-WORDPRESS Contact Form 7 Datepicker plug-in Up To 2.6.0 - Stored cross-site scripting Vulnerability (CVE-2020-11516) |
| 999593 | WEB-MISC Nagios XI Up To 5.6.13 - Export-RRD Arbitrary Command Execution Vulnerability Via Step | |
| 999594 | WEB-MISC Nagios XI Up To 5.6.13 - Export-RRD Arbitrary Command Execution Vulnerability Via End | |
| 999595 | WEB-MISC Nagios XI Up To 5.6.13 - Export-RRD Arbitrary Command Execution Vulnerability Via Start | |
| 999596 | CVE-2019-19799 | Zoho ManageEngine Applications Manager Previous To 14600 - Information Disclosure Vulnerability (CVE-2019-19799) |
| 999597 | CVE-2020-10458 | WEB-MISC Chadha PHPKB Standard Multi-Language 9 - Arbitrary Folder Deletion Vulnerability (CVE-2020-10458) |
| 999598 | CVE-2017-9822 | WEB-MISC DNN Before 9.1.1 - Remote Code Execution Vulnerability Via DNNPersonalization Cookie (CVE-2017-9822) |
| 999599 | CVE-2020-7953 | WEB-MISC OpServices OpMon 9.3.2 - Unauthenticated Information Disclosure Vulnerability Via nmap_options Param (CVE-2020-7953) |
| 999600 | CVE-2020-7953 | WEB-MISC OpServices OpMon 9.3.2 - Unauthenticated Information Disclosure Vulnerability Via host Param (CVE-2020-7953) |
| 999601 | WEB-MISC Bolt CMS 3.7.0 - File Rename to a Dangerous Type Vulnerability Via newname Parameter | |
| 999602 | WEB-MISC Bolt CMS 3.7.0 - Path Traversal Vulnerability Via newname Parameter | |
| 999603 | WEB-MISC Bolt CMS 3.7.0 - Path Traversal Vulnerability Via oldname Parameter | |
| 999604 | WEB-MISC Bolt CMS 3.7.0 - Path Traversal Vulnerability Via parent Parameter | |
| 999605 | WEB-MISC Bolt CMS 3.7.0 - Improper Field Validation Vulnerability in displayname Parameter | |
| 999606 | CVE-2020-9004 | WEB-MISC - Wowza Streaming Engine 4.7.8 - Incorrect Authorization Vulnerability in View Logs (CVE-2020-9004) |
| 999607 | CVE-2020-9004 | WEB-MISC - Wowza Streaming Engine 4.7.8 - Incorrect Authorization Vulnerability in Media Cache Settings (CVE-2020-9004) |
| 999608 | CVE-2020-9004 | WEB-MISC - Wowza Streaming Engine 4.7.8 - Incorrect Authorization Vulnerability in Applications Settings (CVE-2020-9004) |
| 999609 | CVE-2020-9004 | WEB-MISC - Wowza Streaming Engine 4.7.8 - Incorrect Authorization Vulnerability in Server Settings (CVE-2020-9004) |
| 999610 | WEB-MISC PrestaShop 1.7.6.5 - CSRF Vulnerability via Filemanager | |
| 999611 | CVE-2020-10238 | WEB-MISC Joomla! Previous To 3.9.16 - Security Bypass Vulnerability via com_templates (CVE-2020-10238) |
| 999612 | CVE-2020-11510 | WEB-WORDPRESS LearnPress LMS plug-in Prior to 3.2.6.9 - Privilege Escalation Via learnpress_create_page (CVE-2020-11510) |
| 999613 | CVE-2020-11510 | WEB-WORDPRESS LearnPress LMS plug-in Prior to 3.2.6.9 - Privilege Escalation Via learnpress_update_order_status (CVE-2020-11510) |
| 999614 | CVE-2020-8636 | WEB-MISC OpServices OpMon 9.3.2 - Unauthenticated Remote Code Execution Vulnerability Via nmap_options Parameter (CVE-2020-8636) |
| 999615 | CVE-2020-8636 | WEB-MISC OpServices OpMon 9.3.2 - Unauthenticated Remote Code Execution Vulnerability Via host Parameter (CVE-2020-8636) |
| 999616 | CVE-2020-11511 | WEB-WORDPRESS LearnPress LMS plug-in Prior to 3.2.6.9 - Privilege Escalation Via accept-to-be-teacher (CVE-2020-11511) |
| 999617 | CVE-2020-11451 | WEB-MISC Microstrategy Web - Unsecure File Type Upload Vulnerability Via JSP (CVE-2020-11451) |
| 999618 | CVE-2020-11451 | WEB-MISC Microstrategy Web - Unsecure File Type Upload Vulnerability Via ASP (CVE-2020-11451) |
| 999619 | CVE-2020-11515 | WEB-WORDPRESS WP SEO plug-in Rank Math Prior to 1.0.41 - Redirection Vulnerability Via REST API Through URL (CVE-2020-11515) |
| 999620 | CVE-2020-11515 | WEB-WORDPRESS WP SEO plug-in Rank Math Prior to 1.0.41 - Redirection Vulnerability Via REST API rest_route Param (CVE-2020-11515) |
| 999621 | CVE-2020-10457 | WEB-MISC Chadha PHPKB Standard Multi-Language 9 - Arbitrary File Renaming Vulnerability Via imgName (CVE-2020-10457) |
| 999622 | CVE-2020-10457 | WEB-MISC Chadha PHPKB Standard Multi-Language 9 - Arbitrary File Renaming Vulnerability Via imgUrl (CVE-2020-10457) |
| 999623 | CVE-2019-1821 | WEB-MISC Cisco Prime Infrastructure - Remote Code Execution Vulnerability (CVE-2019-1821) |
| 999624 | WEB-WORDPRESS Page Builder plug-in Prior to 2.10.16 - CSRF Vulnerability Via Ajax action_builder_content | |
| 999625 | WEB-WORDPRESS Page Builder plug-in Prior to 2.10.16 - CSRF Vulnerability Via Live Editor | |
| 999626 | CVE-2020-11514 | WEB-WORDPRESS WP SEO plug-in Rank Math Prior to 1.0.41 - Privilege Escalation Via REST API Through URL (CVE-2020-11514) |
| 999627 | CVE-2020-11514 | WEB-WORDPRESS WP SEO plug-in Rank Math Prior to 1.0.41 - Privilege Escalation Via REST API rest_route Param (CVE-2020-11514) |
| 999628 | CVE-2019-6713 | WEB-MISC ThinkCMF Prior to 5.0.190312 - Code Injection Vulnerability Via /route/editpost.html (CVE-2019-6713) |
| 999629 | CVE-2019-6713 | WEB-MISC ThinkCMF Prior to 5.0.190312 - Code Injection Vulnerability Via /route/addpost.html (CVE-2019-6713) |
| 999630 | WEB-WORDPRESS Google Site Kit plug-in Prior to 1.8.0 - Unprotected Verification Vulnerability | |
| 999631 | CVE-2020-9315 | WEB-MISC Oracle iPlanet Web Server 7.0.x - Incorrect Access Control Vulnerability (CVE-2020-9315) |
| 999632 | CVE-2020-1947 | WEB-MISC Apache ShardingSphere 4.0.0-RC3 and 4.0.0 - SnakeYAML Remote Code Execution Vulnerability (CVE-2020-1947) |
| 999633 | CVE-2020-7961 | Liferay Portal Prior To 7.2.1 CE GA2 - JSONWS Deserialization RCE Vulnerability Via JSON-RPC (CVE-2020-7961) |
| 999634 | CVE-2020-7961 | Liferay Portal Prior To 7.2.1 CE GA2 - JSONWS Deserialization RCE Vulnerability Via URL Path (CVE-2020-7961) |
| 999635 | CVE-2020-7961 | Liferay Portal Prior To 7.2.1 CE GA2 - JSONWS Deserialization RCE Vulnerability Via Form And URI Query (CVE-2020-7961) |
| 999636 | CVE-2020-8518 | WEB-MISC Horde Groupware Webmail Edition 5.2.22 - Remote Code Execution Vulnerability (CVE-2020-8518) |
| 999637 | CVE-2020-7351 | WEB-MISC Fonality Trixbox CE 2.8.0.4 and Prior - Remote Code Execution Vulnerability (CVE-2020-7351) |
| 999638 | CVE-2020-12720 | WEB-MISC vBulletin Prior to 5.6.1 Patch Level 1 - Unauthenticated SQL Injection Vulnerability (CVE-2020-12720) |
| 999639 | CVE-2019-19800 | Zoho ManageEngine Applications Manager Previous To 14520 - Path Traversal Vulnerability (CVE-2019-19800) |
| 999640 | CVE-2020-10386 | WEB-MISC Chadha PHPKB Standard Multi-Language 9 - Remote Code Execution (CVE-2020-10386) |
| 999641 | CVE-2020-8497 | WEB-MISC Artica Pandora FMS 7.0 - Unauthenticated Information Disclosure Vulnerability (CVE-2020-8497) |
| 999642 | CVE-2020-6009 | WEB-WORDPRESS LearnDash LMS plug-in Prior to 3.1.6 - Unauthenticated SQL Injection Vulnerability (CVE-2020-6009) |
签名更新版本 47
已复制!
失败!