ADC

Signature update version 28

New signatures rules are generated for the vulnerabilities identified in version 28. You can download and configure these signature rules to protect your appliance from security vulnerable attacks. The signature update includes the signature ID, signature version, and list of CVEs addressed.

Signature version

Signature version 28 is compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.

Citrix ADC version 12.0 has reached end of life (EOL). For more information, see release life cycle page.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
999898 CVE-2018-12895 WEB-MISC WordPress before 4.9.7-Directory Traversal Vulnerability.
999899 CVE-2019-9618 WEB-MISC-GraceMedia Media Player WordPress plug-in 1.0 Arbitrary Local File Inclusion Vulnerability
999900 CVE-2018-20714 WEB-MISC WordPress plug-in WooCommerce before 3.4.6 - File Deletion Vulnerability.
999901 CVE-2018-11868 WEB-MISC FlowPaper FlexPaper before 2.3.7 can Allow Remote Code Execution-Reset of Config Files.
999902 CVE-2018-11868 WEB-MISC FlowPaper FlexPaper before 2.3.7 can Allow Remote Code Execution.
999903 CVE-2019-9184 WEB-MISC-Joomla! J2Store plug-in 3.x Before 3.3.7 Allows SQL Injection.
999904 CVE-2019-9168 WEB-MISC WordPress plug-in WooCommerce before 3.5.5-cross-site scripting via Photoswipe caption.
999905   WEB-MISC WordPress plug-in Abandoned Cart before 5.1.3 for WooCommerce-Stored Cross-Site Scripting.
999906 CVE-2019-8942 WEB-MISC WordPress before 4.9.9 and 5.x before 5.0.1-remote code execution.
999907 CVE-2019-8942 WEB-MISC WordPress before 4.9.9 and 5.x before 5.0.1-remote code execution.
999908 CVE-2019-8942 WEB-MISC WordPress before 4.9.9 and 5.x before 5.0.1-remote code execution
999909 CVE-2017-16562 WEB-MISC-Deluxe Theme UserPro WordPress plug-in Security Bypass Vulnerability Via up_auto_log=true Parameter
999910 CVE-2018-20782 WEB-MISC WordPress plug-in GloBee before 1.1.2 for WooCommerce-IPN Messages Spoofing
999911 CVE-2019-6340 Drupal-Arbitrary Remote Code Execution in Drupal Core 8 RESTFul WebServices
Signature update version 28