Signature update for June 2021

New signatures rules are generated for the vulnerabilities identified in the week 2021-07-08. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 66 applicable for NetScaler VPX 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0 platforms.

Note:

Enabling Post body and Response body signature rules might affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
999231 CVE-2021-34074 WEB-MISC Artica Pandora FMS Up to 7.54 - Arbitrary File Upload Vulnerability Via Relative Path (CVE-2021-34074)
999232 CVE-2021-32633 WEB-MISC Plone CMS - Zope Page Templates Remote Code Execution Vulnerability Via Upload (CVE-2021-32633)
999233 CVE-2021-32633 WEB-MISC Plone CMS - Zope Page Templates Remote Code Execution Vulnerability Via New (CVE-2021-32633)
999234 CVE-2021-31181 WEB-MISC Microsoft SharePoint Server - Remote Code Execution Vulnerability (CVE-2021-31181)
999235 CVE-2021-24370 WEB-WORDPRESS Fancy Product Designer Plugin Prior to 5.6.9 - RCE Vulnerability Via fpd_custom_uplod_file (CVE-2021-24370)
999236 CVE-2021-24370 WEB-WORDPRESS Fancy Product Designer Plugin Prior to 5.6.9 - RCE Vulnerability Via custom-image-handler.php (CVE-2021-24370)
999237 CVE-2021-24354 WEB-WORDPRESS Simple 301 Redirects Plugin Prior to 2.0.4 - Arbitrary Plugin Installation Vulnerability (CVE-2021-24354)
999238 CVE-2021-24352 WEB-WORDPRESS Simple 301 Redirects Plugin Prior to 2.0.4 - Redirect Export Vulnerability (CVE-2021-24352)
999239 CVE-2021-1497, CVE-2021-1498 WEB-MISC Cisco HyperFlex HX Prior to 4.0(2e) - Remote Code Execution Vulnerability (CVE-2021-1497, CVE-2021-1498)
999240 CVE-2020-21057 WEB-MISC FusionPBX 4.5.7 - Path Traversal Vulnerability Via folderdelete Feature (CVE-2020-21057)
999241 CVE-2020-16245 WEB-MISC Advantech iView Prior to 5.7.03.6112 - Path Traversal Vulnerability Via backupDatabase (CVE-2020-16245)
999242 CVE-2020-10148 WEB-MISC SolarWinds Orion Multiple Versions - Authentication Bypass Vulnerability (CVE-2020-10148)
Signature update for June 2021