ADC

Signature update version 43

New signatures rules are generated for the vulnerabilities identified in the week 2020-02-27. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signatures are compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.

Citrix ADC version 12.0 has reached end of life (EOL). For more information, see release life cycle page.

Note:

Enabling Post body and Response body signature rules might affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
999696 CVE-2019-15983 WEB-MISC Cisco Data Center Network Manager Prior To 11.3(1) - XML External Entity Vulnerability (CVE-2019-15983) Via CablePlans
999697 CVE-2019-20197 WEB-MISC Nagios XI 5.6.9 - Authenticated Arbitrary Command Execution Vulnerability (CVE-2019-20197)
999698 CVE-2020-8417 WEB-WORDPRESS Code Snippets Plugin Prior to 2.14.0 - CSRF Vulnerability (CVE-2020-8417)
999699   WEB-WORDPRESS WPCentral Plugin Prior to Version 1.4.8 - Privilege Escalation Vulnerability
999700 CVE-2020-8596 WEB-WORDPRESS Participants Database Plugin Prior To 1.9.5.6 - Authenticated SQL Injection Vulnerability (CVE-2020-8596)
999701 CVE-2020-8426 WEB-WORDPRESS Elementor Page Builder Plugin Prior To 2.8.5 - Authenticated Reflected XSS Vulnerability (CVE-2020-8426)
999702 CVE-2019-19509 WEB-MISC RConfig 3.9.3 - Remote Code Execution Vulnerability Via ajaxArchiveFiles.php (CVE-2019-19509)
999703 CVE-2019-8449 WEB-MISC Atlassian Jira Server Before 8.4.0 - Information Disclosure Vulnerability (CVE-2019-8449)
999704 CVE-2019-9194 WEB-MISC elFinder Prior To 2.1.48 - PHP Connector Command Injection Vulnerability (CVE-2019-9194)
999705 CVE-2019-15985 WEB-MISC Cisco Data Center Network Manager Prior To 11.3(1) - SQL Injection Vulnerability (CVE-2019-15985) Via getVmHostData
999706 CVE-2020-8549 WEB-WORDPRESS Strong Testimonials Plugin Prior To 2.40.1 - Stored Cross Site Scripting Vulnerability (CVE-2020-8549)
Signature update version 43