Signature update for December 2019

New signature rules have been generated for the vulnerabilities identified in the week of 2019-12-19. You can download and configure these signature rules to protect your appliance from attacks that target these vulnerabilities.

Signature version

Signature version 39 is applicable to the NetScaler VPX 11.1, NetScaler 12.0, Citrix ADC 12.1, and Citrix ADC 13.0 platforms.

Note

Enabling Post body and Response body signature rules might increase CPU utilization on the Citrix ADC appliance.

Common Vulnerabilities and Exposures (CVE) insight

The following is a list of the new signature rules, their CVE IDs (where one has been assigned), and their descriptions.

Signature rule CVE ID Description
999760   WEB-MISC FusionPBX Versions Prior to 4.4.7 and 4.5.5 - Remote Code Execution Vulnerability Via /app/exec/exec.php
999761 CVE-2019-12747 WEB-MISC Typo3 Prior to 8.7.27 and 9.5.8 - Deserialization of Untrusted Data (CVE-2019-12747)
999762 CVE-2019-13608 WEB-MISC Citrix StoreFront Server - XML External Entity Injection Vulnerability (CVE-2019-13608)
999763   WEB-WORDPRESS WordPress Prior To 5.2.4 - Unauthenticated View Of Private or Draft Posts/Pages Vulnerability Via FORM
999764   WEB-WORDPRESS WordPress Prior To 5.2.4 - Unauthenticated View Of Private or Draft Posts/Pages Vulnerability Via URL
999765 CVE-2019-15954 WEB-MISC Total.js CMS 12.0.0 - Widget JavaScript Code Injection Vulnerability Via JSON (CVE-2019-15954)
999766 CVE-2019-15954 WEB-MISC Total.js CMS 12.0.0 - Widget JavaScript Code Injection Vulnerability Via FORM (CVE-2019-15954)
999767   WEB-WORDPRESS SyntaxHighlighter Evolved Plugin Prior To 5.3.1 - Stored Cross-Site Scripting Vulnerability Via Comment
999768   WEB-WORDPRESS SyntaxHighlighter Evolved Plugin Prior To 5.3.1 - Stored Cross-Site Scripting Vulnerability Via POST
999769   WEB-WORDPRESS SyntaxHighlighter Evolved Plugin Prior To 5.3.1 - Stored Cross-Site Scripting Vulnerability Via JSON
999770 CVE-2019-16120 WEB-WORDPRESS Event Tickets Plugin Before 4.10.7.2 - CSV Injection Vulnerability (CVE-2019-16120)
999771 CVE-2019-15029 WEB-MISC FusionPBX Prior to 4.4.8 - Remote Code Execution Vulnerability (CVE-2019-15029)
999772   WEB-WORDPRESS Sassy Social Share Plugin Prior To 3.3.4 - Unauthenticated Cross-Site Scripting Vulnerability
999773   WEB-WORDPRESS Email Subscribers & Newsletters Plugin Version 4.3.1 and Prior - Unauthenticated Blind SQLi Vulnerability
999774 CVE-2019-3398 WEB-MISC Atlassian Confluence or Data Center - downloadallattachments Path Traversal Vulnerability (CVE-2019-3398)
999775 CVE-2019-15952 WEB-MISC Total.js CMS 12.0.0 - Page Template Path Traversal Vulnerability (CVE-2019-15952)
999776 CVE-2019-17236 WEB-WORDPRESS IgniteUp Coming Soon and Maintenance Mode Plugin Up To 3.4.0 - Stored XSS (CVE-2019-17236)
999777 CVE-2019-10475 WEB-MISC Jenkins Build-Metrics Plugin 1.3 - Reflected XSS Vulnerability (CVE-2019-10475)
999778 CVE-2019-17132 WEB-MISC vBulletin Prior to 5.5.4 Patch Level 2 - UpdateAvatar API Endpoint Remote Code Execution Vulnerability (CVE-2019-17132)
999779 CVE-2019-14994 WEB-MISC Atlassian Jira Service Desk - Path Traversal Vulnerability (CVE-2019-14994)
999780 CVE-2019-19367 WEB-MISC FusionPBX 4.4.1 and Prior - Cross-Site Scripting Vulnerability (CVE-2019-19367)
999781 CVE-2019-18668 WEB-WORDPRESS Currency Switcher Plugin Before 2.11.2 - Currency Setting Bypass Vulnerability Via POST (CVE-2019-18668)
999782 CVE-2019-18668 WEB-WORDPRESS Currency Switcher Plugin Before 2.11.2 - Currency Setting Bypass Vulnerability Via GET (CVE-2019-18668)
999783 CVE-2019-16663 WEB-MISC rConfig 3.9.2 and Prior - Remote Code Execution Vulnerability via Search.crud.php (CVE-2019-16663)
999784   WEB-MISC Apache Solr Up to 8.3.0 - Unauthenticated Remote Code Execution Via VelocityResponseWriter Custom Template
999785 CVE-2019-17235 WEB-WORDPRESS IgniteUp Coming Soon and Maintenance Mode Plugin Up To 3.4.0 - Information Disclosure Via Csv (CVE-2019-17235)
999786 CVE-2019-17235 WEB-WORDPRESS IgniteUp Coming Soon and Maintenance Mode Plugin Up To 3.4.0 - Information Disclosure Via Bcc (CVE-2019-17235)
999787 CVE-2019-12276 WEB-MISC GrandNode 4.40 - LetsEncryptController Path Traversal Vulnerability (CVE-2019-12276)
999788   WEB-WORDPRESS Email Subscribers & Newsletters Plugin Prior to Version 4.2.3 - Unauthenticated Information Disclosure
999789 CVE-2019-4013 WEB-MISC IBM BigFix Platform 9.5 - Authenticated Arbitrary File Upload With Root Privileges (CVE-2019-4013)
999790 CVE-2019-11409 WEB-MISC FusionPBX Version 4.4.3 and Prior - Remote Code Execution Via /app/basic_operator_panel/exec.php (CVE-2019-11409)
999791 CVE-2019-11409 WEB-MISC FusionPBX Version 4.4.3 and Prior - Remote Code Execution Via /app/operator_panel/exec.php (CVE-2019-11409)
999792 CVE-2019-16662 WEB-MISC rConfig 3.9.2 and Prior - Unauthenticated Remote Code Execution Via AjaxServerSettingsChk.php (CVE-2019-16662)
999793 CVE-2019-7609 WEB-MISC Elastic Kibana Prior to 5.6.15 and 6.6.1 - Prototype Pollution Vulnerability Allows Unauthenticated RCE (CVE-2019-7609)
999794 CVE-2019-10092 WEB-MISC Apache HTTP Server Up To 2.4.39 - mod_proxy Limited Cross-Site Scripting (CVE-2019-10092)
999795 CVE-2019-16520 WEB-WORDPRESS All In One SEO Pack Plugin Before 3.2.7 - Stored XSS Vulnerability (CVE-2019-16520)
999796 CVE-2019-17234 WEB-WORDPRESS IgniteUp Coming Soon and Maintenance Mode Plugin Up to 3.4.0 - Arbitrary File Deletion (CVE-2019-17234)
999797 CVE-2019-16525 WEB-WORDPRESS Checklist Plugin Prior to Version 1.1.9 - XSS Vulnerability (CVE-2019-16525)
999798   WEB-WORDPRESS Safe SVG Plugin Prior to 1.9.6 - XSS Vulnerability
999799   WEB-WORDPRESS Email Subscribers & Newsletters Plugin Prior to Version 4.2.3 - Unauthenticated Arbitrary Option Creation