签名更新版本 125

针对在 2024-02-26 周中发现的漏洞,将生成新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 125 适用于 NetScaler 11.1、NetScaler 12.0、Citrix ADC 12.1、Citrix ADC 13.0、NetScaler 13.1、NetScaler 13.1、NetScaler 14.1 平台。

注意

启用帖子正文和响应正文签名规则可能会影响 NetScaler CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
998532 CVE-2024-24830 WEB-MISC OpenObserve Prior to 0.8.0 - Privilege Escalation (CVE-2024-24830)
998533 CVE-2024-25106 WEB-MISC OpenObserve Prior to 0.8.0 - Unauthorized Access Vulnerability (CVE-2024-25106)
998534 CVE-2024-24747 WEB-MISC MinIO Prior to RELEASE.2024-01-31T20-20-33Z - Improper Privilege Management Vulnerability (CVE-2024-24747)
998535 CVE-2024-1709 WEB-MISC ConnectWise ScreenConnect Prior to 23.9.8 - Authentication Bypass Vulnerability (CVE-2024-1709)
998536 CVE-2024-1207 WEB-WORDPRESS WP Booking Calendar Plugin Prior to 9.9.1 - Unauthenticated SQL Injection Vulnerability (CVE-2024-1207)
998537 CVE-2024-0221 WEB-WORDPRESS Photo Gallery Up To 1.8.19 - Directory Traversal Vulnerability (CVE-2024-0221)
998538 CVE-2024-0221 WEB-WORDPRESS Photo Gallery Up To 1.8.19 - Directory Traversal Vulnerability (CVE-2024-0221)
998539 CVE-2023-46266 WEB-MISC Ivanti Avalanche Prior to 6.4.2 - Authentication Bypass Vulnerability (CVE-2023-46266)
998540 CVE-2023-46264 WEB-MISC Ivanti Avalanche Prior to 6.4.2 - Arbitrary File Upload Vulnerability (CVE-2023-46264)
998541 CVE-2023-46263 WEB-MISC Ivanti Avalanche Prior to 6.4.2 - Arbitrary File Upload Vulnerability (CVE-2023-46263)
998542 CVE-2023-46214 WEB-MISC Splunk Enterprise Prior to 9.0.7 and 9.1.2 - Insecure XML Parsing Vulnerability (CVE-2023-46214)
998543 CVE-2021-22962 WEB-MISC Ivanti Avalanche Prior to 6.4.2 - Authentication Bypass vulnerability (CVE-2021-22962)
签名更新版本 125