Signature update version 33
New signatures rules are generated for the vulnerabilities identified in version 33. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signature version 33 is compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.
Citrix ADC version 12.0 has reached end of life (EOL). For more information, see release life cycle page.
Note
Enabling Post body and Response body signature rules may affect Citrix ADC CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
Rule | CVE | Description | Vulnerability Reference |
---|---|---|---|
999860 | WordPress plug-in Yuzo Related Posts cross-site scripting Vulnerability | https://www.wordfence.com/blog/2019/04/yuzo-related-posts-zero-day-vulnerability-exploited-in-the-wild |
|
999861 | CVE-2019-12099 | cve,2019-12099 | |
999862 | WordPress plug-in Database Backup <= 5.2 - Remote Code Execution | https://www.wordfence.com/blog/2019/05/os-command-injection-vulnerability-patched-in-wp-database-backup-plug-in |
|
999863 | WordPress plug-in Slick Popup - Privilege Escalation | https://www.wordfence.com/blog/2019/05/privilege-escalation-flaw-present-in-slick-popup-plug-in |
|
999864 | CVE-2019-10866 | WordPress plug-in Form Maker 1.13.3 - SQL Injection | cve,2019-10866 |
999865 | WordPress plug-in Give – Stored cross-site scripting for Donors | https://blog.sucuri.net/2019/05/wordpress-plug-in-give-stored-xss-for-donors.html |
|
999866 | WordPress plug-in My Calendar <= 3.1.9 - Unauthenticated cross-site scripting Vulnerability | https://wpvulndb.com/vulnerabilities/9267 |
|
999867 | WordPress plug-in Slimstat <= 4.8 - Unauthenticated Stored cross-site scripting | https://blog.sucuri.net/2019/05/slimstat-stored-xss-from-visitors.html |
|
999868 | CVE-2019-2618 | WebLogic Arbitrary Upload Vulnerability | cve,2019-2618 |
999869 | CVE-2019-11871 | WEB-WORDPRESS WordPress plug-in Custom Field Suite Prior To 2.5.15 - Cross-Site Scripting Vulnerability | cve,2019-11871 |
999870 | WEB-WORDPRESS WordPress Live Chat Support plug-in Persistent cross-site scripting Vulnerability prior 8.0.27 via wplc_custom_js parameter | https://blog.sucuri.net/2019/05/persistent-cross-site-scripting-in-wp-live-chat-support-plug-in.html |
|
999871 | WEB-WORDPRESS WordPress plug-in W3 Total Cache Prior To 0.9.7.4 - PHAR Remote Code Execution Vulnerability | https://wpvulndb.com/vulnerabilities/9270 |
|
999872 | WEB-WORDPRESS WordPress plug-in W3 Total Cache Prior To 0.9.7.4 - PHAR Remote Code Execution Vulnerability | https://wpvulndb.com/vulnerabilities/9269 |
|
999873 | CVE-2019-0604 | WEB-MISC Microsoft Windows Sharepoint Server - Remote Code Execution Vulnerability | cve,2019-0604 |
999874 | WEB-WORDPRESS Yuzo Related Posts Unauthenticated Stored cross-site scripting Vulnerability in 5.12.91 | https://www.wordfence.com/blog/2019/04/yuzo-related-posts-zero-day-vulnerability-exploited-in-the-wild |