ADC

Signature update version 27

New signatures rules are generated for the vulnerabilities identified in version 27. You can download and configure these signature rules to protect your appliance from security vulnerable attacks. The signature update includes the signature ID, signature version, and list of CVEs addressed.

Signature version

Signatures are compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.

NetScaler version 12.0 has reached end of life (EOL). For more information, see release life cycle page.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
999921 cve-2018-1002000 WEB-MISCWordpress Arigato Autoresponder and Newsletter SQL Injection vulnerability.
999920   WEB-MISCWordPress plug-in Corner Ad 1.0.7 - Stored Cross-Site Scripting
999919 cve-2018-1002009 WEB-MISCWordpress Arigato Autoresponder and Newsletter bft_unsubscribe cross-site scripting vulnerability.
999918 cve-2018-1002002 WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple cross-site scripting vulnerability.
999918 cve-2018-1002003 WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple cross-site scripting vulnerability.
999918 cve-2018-1002004 WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple cross-site scripting vulnerability.
999918 cve-2018-1002005 WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple cross-site scripting vulnerability.
999918 cve-2018-1002006 WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple cross-site scripting vulnerability.
999918 cve-2018-1002007 WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple cross-site scripting vulnerability.
999917 cve-2018-1002001 WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple cross-site scripting vulnerability.
999917 cve-2018-1002008 WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple cross-site scripting vulnerability.
999916 cve-2018-8719 WEB-MISCWordPress plug-in WP Security Audit Log - wp-content/uploads/wp-security-audit-log/* unrestricted access
999915 cve-2019-7743 WEB-MISC- Joomla phar:// stream wrapper object injection vulnerability execution of uploaded non-phar files
999914   WEB-MISCWordpress plug-in E-mail Subscribers and Newsletters 3.4.7 information disclosure vulnerability
999913   WEB-MISCWordPress plug-in AD Manager WD v1.0.11 - wd_ads_admin_class.php Arbitrary File Download
999912   WEB-IISMicrosoft IIS - Short File/Folder Name Disclosure
Signature update version 27