Product documentation
Citrix ADC
Current Release 13.0 12.1 11.1
View PDF

Signature update for February 2020

December 16, 2021
Contributed by: 
C

New signatures rules are generated for the vulnerabilities identified in the week 2020-02-27. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signatures are compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.

Citrix ADC version 12.0 has reached end of life (EOL). For more information, see release life cycle page.

Note:

Enabling Post body and Response body signature rules might affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
999696 CVE-2019-15983 WEB-MISC Cisco Data Center Network Manager Prior To 11.3(1) - XML External Entity Vulnerability (CVE-2019-15983) Via CablePlans
999697 CVE-2019-20197 WEB-MISC Nagios XI 5.6.9 - Authenticated Arbitrary Command Execution Vulnerability (CVE-2019-20197)
999698 CVE-2020-8417 WEB-WORDPRESS Code Snippets Plugin Prior to 2.14.0 - CSRF Vulnerability (CVE-2020-8417)
999699   WEB-WORDPRESS WPCentral Plugin Prior to Version 1.4.8 - Privilege Escalation Vulnerability
999700 CVE-2020-8596 WEB-WORDPRESS Participants Database Plugin Prior To 1.9.5.6 - Authenticated SQL Injection Vulnerability (CVE-2020-8596)
999701 CVE-2020-8426 WEB-WORDPRESS Elementor Page Builder Plugin Prior To 2.8.5 - Authenticated Reflected XSS Vulnerability (CVE-2020-8426)
999702 CVE-2019-19509 WEB-MISC RConfig 3.9.3 - Remote Code Execution Vulnerability Via ajaxArchiveFiles.php (CVE-2019-19509)
999703 CVE-2019-8449 WEB-MISC Atlassian Jira Server Before 8.4.0 - Information Disclosure Vulnerability (CVE-2019-8449)
999704 CVE-2019-9194 WEB-MISC elFinder Prior To 2.1.48 - PHP Connector Command Injection Vulnerability (CVE-2019-9194)
999705 CVE-2019-15985 WEB-MISC Cisco Data Center Network Manager Prior To 11.3(1) - SQL Injection Vulnerability (CVE-2019-15985) Via getVmHostData
999706 CVE-2020-8549 WEB-WORDPRESS Strong Testimonials Plugin Prior To 2.40.1 - Stored Cross Site Scripting Vulnerability (CVE-2020-8549)
Signature update for February 2020
December 16, 2021
Contributed by: 
C
December 16, 2021
Contributed by: 
C

In this article

Site feedback | Privacy and legal terms | Cookie preferences | Consent settings
© 1999- Citrix Systems, Inc. All rights reserved.