签名更新版本 65
为 2021-06-02 周确定的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。
签名版本
签名版本 65 与以下软件版本的 Citrix 应用程序Delivery Controller (ADC) 11.1、12.0、12.1、13.0 和 13.1 兼容。
Citrix ADC 12.0 版本已达到生命周期终止 (EOL)。有关更多信息,请参阅 发布生命周期 页面。
注意:
启用发布主体和响应主体签名规则可能会影响 Citrix ADC CPU。
常见漏洞条目 (CVE) 见解
以下是签名规则、CVE ID 及其描述的列表。
签名规则 | CVE ID | 说明 |
---|---|---|
999243 | CVE-2021-31761 | WEB-MISC Webmin Prior to 1.974 - XSS Vulnerability Via /servers/link.cgi/ (CVE-2021-31761) |
999244 | CVE-2021-31761 | WEB-MISC Webmin Prior to 1.974 - XSS Vulnerability Via /tunnel/link.cgi/ (CVE-2021-31761) |
999245 | CVE-2021-31166 | WEB-IIS Microsoft HTTP Protocol Stack - Remote Code Execution Vulnerability (CVE-2021-31166) |
999246 | CVE-2021-29447 | WEB-WORDPRESS WordPress Prior to 5.7.1 - Media Library XXE Vulnerability (CVE-2021-29447) |
999247 | CVE-2021-28157 | WEB-MISC Devolutions Server Prior to 2021.1 and 2020.3.18 - SQL Injection Vulnerability Via User Delete (CVE-2021-28157) |
999248 | CVE-2021-27905 | WEB-MISC Apache Solr Prior to 8.2.2 - ReplicationHandler SSRF Vulnerability via leaderUrl (CVE-2021-27905) |
999249 | CVE-2021-27905 | WEB-MISC Apache Solr Prior to 8.2.2 - ReplicationHandler SSRF Vulnerability via masterUrl (CVE-2021-27905) |
999250 | CVE-2021-27890 | WEB-MISC MyBB Prior to 1.8.26 - Theme Properties SQL Injection Vulnerability (CVE-2021-27890) |
999251 | CVE-2021-27850, CVE-2019-0195 | WEB-MISC Apache Tapestry - Unauthenticated Information Disclosure Vulnerability (CVE-2021-27850 and CVE-2019-0195) |
999252 | CVE-2021-27183 | WEB-MISC MDaemon Prior to 20.0.4 - Arbitrary File Write Vulnerability (CVE-2021-27183) |
999253 | CVE-2021-27181 | WEB-MISC MDaemon Prior to 20.0.4 - Anti-CSRF Token Fixation Vulnerability (CVE-2021-27181) |
999254 | CVE-2021-27180 | WEB-MISC MDaemon Prior to 20.0.4 - Reflected XSS Vulnerability (CVE-2021-27180) |
999255 | CVE-2021-24340 | WEB-WORDPRESS WP Statistics Prior to 13.0.8 - Unauthenticated SQL Injection Vulnerability (CVE-2021-24340) |
999256 | CVE-2021-24171 | WEB-WORDPRESS WooCommerce Upload Files Plugin Prior to 59.4 - Path Traversal Vulnerability (CVE-2021-24171) |
999257 | CVE-2021-24171 | WEB-WORDPRESS WooCommerce Upload Files Plugin Prior to 59.4 - Arbitrary File Upload Vulnerability (CVE-2021-24171) |
999258 | CVE-2021-22658 | WEB-MISC Advantech iView Prior to 5.7.03.6112 - SQLi Vulnerability Via UserServlet and user_password (CVE-2021-22658) |
999259 | CVE-2021-22658 | WEB-MISC Advantech iView Prior to 5.7.03.6112 - SQLi Vulnerability Via UserServlet and user_name (CVE-2021-22658) |
999260 | CVE-2021-22658 | WEB-MISC Advantech iView Prior to 5.7.03.6112 - SQLi Vulnerability Via CommandServlet and user_password (CVE-2021-22658) |
999261 | CVE-2021-22658 | WEB-MISC Advantech iView Prior to 5.7.03.6112 - SQLi Vulnerability Via CommandServlet and user_name (CVE-2021-22658) |
999262 | CVE-2021-21983 | WEB-MISC VMWare vRealize Operations Manager Prior to 8.4 - Arbitrary File Write Vulnerability (CVE-2021-21983) |
999263 | CVE-2020-6754 | WEB-MISC dotCMS Prior to 5.2.4 - Directory Traversal Vulnerability Via assets (CVE-2020-6754) |
999264 | CVE-2020-27128 | WEB-MISC Cisco SD-WAN vManage Prior to 20.3.1 - Arbitrary File Write Vulnerability Via remoteprocessing (CVE-2020-27128) |
999265 | CVE-2020-27128 | WEB-MISC Cisco SD-WAN vManage Prior to 20.3.1 - Arbitrary File Write Vulnerability Via dr (CVE-2020-27128) |
999266 | CVE-2020-15714 | WEB-MISC rConfig 3.9.5 and Prior - SQL Injection Vulnerability (CVE-2020-15714) |
999267 | CVE-2020-15713 | WEB-MISC rConfig Prior to 3.9.6 - SQL Injection Vulnerability (CVE-2020-15713) |
999268 | CVE-2020-14295 | WEB-MISC Cacti Prior to 1.2.13 - SQL Injection Vulnerability (CVE-2020-14295) |
999269 | CVE-2020-13778 | WEB-MISC rConfig Prior to 3.9.5 - Remote Code Execution Vulnerability Via ajaxEditTemplate.php (CVE-2020-13778) |
999270 | CVE-2020-13778 | WEB-MISC rConfig Prior to 3.9.5 - Remote Code Execution Vulnerability Via ajaxAddTemplate.php (CVE-2020-13778) |
999271 | CVE-2020-13592 | WEB-MISC Rukovoditel Project Management App - SQL Injection Vulnerability Via selected_fields (CVE-2020-13592) |
999272 | CVE-2020-13592 | WEB-MISC Rukovoditel Project Management App - SQL Injection Vulnerability Via lists_id (CVE-2020-13592) |
999273 | CVE-2020-13591 | WEB-MISC Rukovoditel Project Management App - SQL Injection Vulnerability (CVE-2020-13591) |
999274 | CVE-2020-13550 | WEB-MISC Advantech WebAccess/SCADA - Path Traversal Vulnerability Via fileName (CVE-2020-13550) |
签名更新版本 65
已复制!
失败!