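Signature update version 93
New signature rules have been generated for the vulnerabilities identified in the week of 2022-10-02. You can download and configure these signature rules to protect your appliance from attacks that exploit security vulnerabilities.
Signature version
Signature version 93 is applicable to the NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, and Citrix ADC 13.1 platforms.
Note
Enabling post body and response body signature rules might affect the Citrix ADC CPU.
Common Vulnerability Entry (CVE) insight
The following is the list of signature rules, CVE IDs, and their descriptions.
Signature rule | CVE ID | Description |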
---|---|---|
998871 | CVE-2022-41082,CVE-2022-41040 | WEB-MISC Microsoft Exchange Server - RCE Vulnerability (CVE-2022-41082, CVE-2022-41040) |
998872 | CVE-2022-37299 | WEB-MISC Shirne CMS 1.2.0 - Path Traversal Vulnerability Via /static/ueditor/php/controller.php (CVE-2022-37299) |
998873 | CVE-2022-36923 | WEB-MISC Zoho ManageEngine Multiple Products Multiple Versions - Authentication Bypass Vulnerability (CVE-2022-36923) |
998874 | CVE-2022-33891 | WEB-MISC Apache Spark UI Multiple Versions - Remote Code Execution Vulnerability Via doAs Parameter (CVE-2022-33891) |
998875 | CVE-2022-3184,CVE-2022-3183 | WEB-MISC DataProbe iBoot-PDU Prior to 1.42.06162022 - Remote Code Execution Vulnerability (CVE-2022-3184, CVE-2022-3183) |
998876 | CVE-2022-31814 | WEB-MISC pfSense pfBlockerNG Prior to 2.1.4_26 - Remote Code Execution Vulnerability (CVE-2022-31814) |
998877 | CVE-2022-31097 | WEB-MISC Apache Grafana - Unified Alerting Stored XSS Vulnerability (CVE-2022-31097) |
998878 | CVE-2022-2903 | WEB-WORDPRESS NinjaForms Plugin Prior to 3.6.13 - PHP Object Injection Vulnerability (CVE-2022-2903) |
998879 | CVE-2022-2552 | WEB-WORDPRESS Duplicator Plugin Prior to 1.4.7.1 - Unauthenticated Information Disclosure Vulnerability (CVE-2022-2552) |
998880 | CVE-2022-23854 | WEB-MISC AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal Vulnerability Via SG URI (CVE-2022-23854) |
998881 | CVE-2022-23854 | WEB-MISC AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal Vulnerability Via Blaze URI (CVE-2022-23854) |
998882 | CVE-2022-23854 | WEB-MISC AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal Vulnerability Via AccessAnywhere URI (CVE-2022-23854) |
998883 | CVE-2017-9841 | WEB-MISC PHPUnit Before 4.8.28 and 5.x Before 5.6.3 - Remote Code Execution Vulnerability Via eval-stdin.php (CVE-2017-9841) |
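Merged and updated signature rules
Some redundant signature rules have been removed, and the CVE IDs of those rules have been merged into the updated rules. Make sure that you enable the corresponding updated signature rule for each removed rule.
The following table lists the merged and updated signature rule IDs:
Removed signature rule | Updated signature rule | CVE ID |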
---|---|---|
1242 | 1243 | CVE-2000-0071 |
1245 | 1244 | CVE-2000-0071 |
1589 | 1221 | CVE-2001-0224, NESSUS-10609 |
1648 | 832 | CVE-1999-0509, NESSUS-10173, www.cert.org/advisories/CA-1996-11.html |
1700 | 821 | CVE-1999-0951, NESSUS-10122 |
2598 | 2597 | CVE-2004-0600 |
999779 | 999721 | CVE-2019-14994 |
999861 | 999859 | CVE-2019-12099 |
999862 | 999857 | https://www.wordfence.com/blog/2019/05s-command-injection-vulnerability-patched-in-wp-database-backup-plugin/ |
999863 | 999858 | https://www.wordfence.com/blog/2019/05/privilege-escalation-flaw-present-in-slick-popup-plugin/ |