签名更新版本 113

将为 2023-09-22 当周发现的漏洞生成新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 113 适用于 NetScaler 11.1、NetScaler 12.0、Citrix ADC 12.1、Citrix ADC 13.0、NetScaler 13.1、NetScaler 14.1 平台。

注意

启用帖子正文和响应正文签名规则可能会影响 Citrix ADC CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
998614 CVE-2023-38035 WEB-MISC Ivanti Sentry Up To 9.18.0 - Incorrect Authorization Vulnerability via /asproxy/services/ (CVE-2023-38035)
998615 CVE-2023-38035 WEB-MISC Ivanti Sentry Up To 9.18.0 - Incorrect Authorization Vulnerability via /mics/services/ (CVE-2023-38035)
998616 CVE-2023-36846 WEB-MISC Juniper JunOS SRX - Missing Authentication for Critical Function Vulnerability Via webauth_operation (CVE-2023-36846)
998617 CVE-2023-3486 WEB-MISC PaperCut NG Prior to 22.1.3 - Unrestricted File Upload Vulnerability (CVE-2023-3486)
998618 CVE-2023-34468,CVE-2023-40037 WEB-MISC Apache NiFi Multiple Versions - Command Injection Vulnerability (CVE-2023-34468, CVE-2023-40037)
998619 CVE-2023-33653 WEB-MISC Sitecore - Remote Code Execution Vulnerability (CVE-2023-33653)
998620 CVE-2023-33224,CVE-2023-23843 WEB-MISC SolarWinds Orion Platform Prior to 2023.3 - Remote Code Execution Vulnerability (CVE-2023-33224, CVE-2023-23843)
998621 CVE-2023-32566 WEB-MISC Ivanti Avalanche - SecureFilter Authentication Bypass Vulnerability (CVE-2023-32566)
998622 CVE-2023-32562 WEB-MISC Ivanti Avalanche Prior to 6.4.1 - Unrestricted File Upload Vulnerability (CVE-2023-32562)
998623 CVE-2023-32315 WEB-MISC Ignite Realtime Openfire - Path Traversal Vulnerability (CVE-2023-32315)
998624 CVE-2023-28128 WEB-MISC Ivanti Avalanche Prior to 6.4.0 - Unrestricted Upload Vulnerability (CVE-2023-28128)
998625 CVE-2023-27066 WEB-MISC Sitecore Up To 10.2 - Path Traversal Vulnerability (CVE-2023-27066)
998626 CVE-2022-23333 WEB-MISC Contec SolarView Compact Prior to 7.21 - OS Command Injection Vulnerability (CVE-2022-23333)
998627 CVE-2022-37044 WEB-MISC Zimbra Collaboration Suite Prior to 8.8.15 P33 - XSS Vulnerability via onload (CVE-2022-37044)
998628 CVE-2022-37044 WEB-MISC Zimbra Collaboration Suite Prior to 8.8.15 P33 - XSS Vulnerability via extra (CVE-2022-37044)
998629 CVE-2022-37044 WEB-MISC Zimbra Collaboration Suite Prior to 8.8.15 P33 - XSS Vulnerability via title (CVE-2022-37044)
998630 CVE-2022-24086 WEB-MISC Adobe Magento - Arbitrary Code Execution Vulnerability Via wishlist (CVE-2022-24086)
998631 CVE-2022-24086 WEB-MISC Adobe Magento - Arbitrary Code Execution Vulnerability via checkout (CVE-2022-24086)
签名更新版本 113