Signature update version 33
New signatures rules are generated for the vulnerabilities identified in version 33. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signatures are compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.
Citrix ADC version 12.0 has reached end of life (EOL). For more information, see release life cycle page.
Note:
Enabling Post body and Response body signature rules may affect Citrix ADC CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
Rule | CVE | Description | Vulnerability Reference |
---|---|---|---|
999860 | WordPress Plugin Yuzo Related Posts XSS Vulnerability | https://www.wordfence.com/blog/2019/04/yuzo-related-posts-zero-day-vulnerability-exploited-in-the-wild |
|
999861 | CVE-2019-12099 | cve,2019-12099 | |
999862 | WordPress Plugin Database Backup <= 5.2 - Remote Code Execution | https://www.wordfence.com/blog/2019/05/os-command-injection-vulnerability-patched-in-wp-database-backup-plugin |
|
999863 | WordPress Plugin Slick Popup - Privilege Escalation | https://www.wordfence.com/blog/2019/05/privilege-escalation-flaw-present-in-slick-popup-plugin |
|
999864 | CVE-2019-10866 | WordPress Plugin Form Maker 1.13.3 - SQL Injection | cve,2019-10866 |
999865 | WordPress Plugin Give – Stored XSS for Donors | https://blog.sucuri.net/2019/05/wordpress-plugin-give-stored-xss-for-donors.html |
|
999866 | WordPress plug-in My Calendar <= 3.1.9 - Unauthenticated XSS Vulnerability | https://wpvulndb.com/vulnerabilities/9267 |
|
999867 | WordPress Plugin Slimstat <= 4.8 - Unauthenticated Stored XSS | https://blog.sucuri.net/2019/05/slimstat-stored-xss-from-visitors.html |
|
999868 | CVE-2019-2618 | WebLogic Arbitrary Upload Vulnerability | cve,2019-2618 |
999869 | CVE-2019-11871 | WEB-WORDPRESS WordPress Plugin Custom Field Suite Prior To 2.5.15 - Cross-Site Scripting Vulnerability | cve,2019-11871 |
999870 | WEB-WORDPRESS WordPress Live Chat Support Plugin Persistent XSS Vulnerability prior 8.0.27 via wplc_custom_js parameter | https://blog.sucuri.net/2019/05/persistent-cross-site-scripting-in-wp-live-chat-support-plugin.html |
|
999871 | WEB-WORDPRESS WordPress Plugin W3 Total Cache Prior To 0.9.7.4 - PHAR Remote Code Execution Vulnerability | https://wpvulndb.com/vulnerabilities/9270 |
|
999872 | WEB-WORDPRESS WordPress Plugin W3 Total Cache Prior To 0.9.7.4 - PHAR Remote Code Execution Vulnerability | https://wpvulndb.com/vulnerabilities/9269 |
|
999873 | CVE-2019-0604 | WEB-MISC Microsoft Windows Sharepoint Server - Remote Code Execution Vulnerability | cve,2019-0604 |
999874 | WEB-WORDPRESS Yuzo Related Posts Unauthenticated Stored XSS Vulnerability in 5.12.91 | https://www.wordfence.com/blog/2019/04/yuzo-related-posts-zero-day-vulnerability-exploited-in-the-wild |