ADC

Signature update version 30

New signatures rules are generated for the vulnerabilities identified in version 30. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 30 is compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.

Citrix ADC version 12.0 has reached end of life (EOL). For more information, see release life cycle page.

Note:

Enabling Post body and Response body signature rules may affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
999879 <> WEB-MISC WordPress plug-in WooCommerce Checkout Manager - Arbitrary File Upload Vulnerability
999880 <> WEB-MISC WordPress plug-in Advance Contact Form 7 DB Prior To 1.6.1 - SQL Injection Vulnerability
999881 <> WEB-MISC WordPress plug-in Contact Form Builder Prior To 1.0.67 - Local File Inclusion Vulnerability
999882 <> SQL HTTP URI Blind Injection Attempt
999883 <> WEB-MISC Loco Translate WordPress plug-in 2.1.1 and prior - Local File Inclusion Vulnerability
999884 <> WEB-MISC WordPress plug-in Duplicate-Page Prior To 3.4 - SQL Injection Vulnerability
999885 CVE-2019-0232 WEB-MISC Apache Tomcat RCE Via .CMD CGI Scripts When enableCmdLineArguments=true in MS Windows
999886 CVE-2019-0232 WEB-MISC Apache Tomcat RCE Via .BAT CGI Scripts When enableCmdLineArguments=true in MS Windows
999887 CVE-2019-10692 WWEB-MISC WordPress plug-in wp-google-maps Prior To 7.11.18 - SQL Injection Vulnerability.
999888 CVE-2019-10946 WEB-MISC Joomla! Prior To 3.9.5 - Security Bypass Vulnerability
999889 CVE-2019-10945 WEB-MISC Joomla! Prior To 3.9.5 - Directory Traversal Vulnerability
999890 CVE-2019-9912 WEB-MISC WpGoogleMaps WordPress plug-in prior to 7.10.41 Reflected cross-site scripting Vulnerability
999890 CVE-2019-9912 WEB-MISC WpGoogleMaps WordPress plug-in prior to 7.10.41 Reflected cross-site scripting Vulnerability
999891 CVE-2019-9911 WEB-MISC WordPress plug-in Social Networks Auto-Poster Prior To 4.2.8 - Reflected cross-site scripting Vulnerability
999892 CVE-2019-9908 WEB-MISC WordPress plug-in Font_Organizer 2.1.1 - Reflected cross-site scripting
999893 CVE-2019-9787 WEB-MISC WordPress before 4.9.7 - Remote Code Execution Vulnerability
999894 CVE-2019-9568 WEB-MISC Forminator Contact Form, Poll & Quiz Builder WordPress plug-in prior to 1.6 Blind SQLi Vulnerability
999895 CVE-2019-9567 WEB-MISC Forminator Contact Form, Poll & Quiz Builder WP plug-in prior to 1.6 Persistent cross-site scripting Vulnerability
999877 CVE-2018-20062 WEB-MISC NoneCms V1.3 - ThinkPHP Filter Arbitrary PHP Code Execution Vulnerability
999878 CVE-2019-9082 WEB-MISC Remote Code Execution Vulnerability in ThinkPHP 5.x prior to 5.1.32
Signature update version 30