Signature update for May 2019

New signatures rules are generated for the vulnerabilities identified in the week 2019-05-24. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 30 applicable to NetScaler VPX 11.1, NetScaler 12.0, Citrix ADC 12.1, and Citrix ADC 13.0 platforms.

Note

Enabling Post body and Response body signature rules may affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description  
999879 <> WEB-MISC WordPress Plugin WooCommerce Checkout Manager - Arbitrary File Upload Vulnerability  
999880 <> WEB-MISC WordPress Plugin Advance Contact Form 7 DB Prior To 1.6.1 - SQL Injection Vulnerability  
999881 <> WEB-MISC WordPress Plugin Contact Form Builder Prior To 1.0.67 - Local File Inclusion Vulnerability  
999882 <> SQL HTTP URI Blind Injection Attempt  
999883 <> WEB-MISC Loco Translate WordPress Plugin 2.1.1 and prior - Local File Inclusion Vulnerability  
999884 <> WEB-MISC WordPress Plugin Duplicate-Page Prior To 3.4 - SQL Injection Vulnerability  
999885 CVE-2019-0232 WEB-MISC Apache Tomcat RCE Via .CMD CGI Scripts When enableCmdLineArguments=true in MS Windows  
999886 CVE-2019-0232 WEB-MISC Apache Tomcat RCE Via .BAT CGI Scripts When enableCmdLineArguments=true in MS Windows  
999887 CVE-2019-10692 WWEB-MISC WordPress Plugin wp-google-maps Prior To 7.11.18 - SQL Injection Vulnerability.  
999888 CVE-2019-10946 WEB-MISC Joomla! Prior To 3.9.5 - Security Bypass Vulnerability  
999889 CVE-2019-10945 WEB-MISC Joomla! Prior To 3.9.5 - Directory Traversal Vulnerability  
999890 CVE-2019-9912 WEB-MISC WpGoogleMaps WordPress Plugin prior to 7.10.41 Reflected XSS Vulnerability  
999890 CVE-2019-9912 WEB-MISC WpGoogleMaps WordPress Plugin prior to 7.10.41 Reflected XSS Vulnerability  
999891 CVE-2019-9911 WEB-MISC WordPress Plugin Social Networks Auto-Poster Prior To 4.2.8 - Reflected XSS Vulnerability  
999892 CVE-2019-9908 WEB-MISC WordPress Plugin Font_Organizer 2.1.1 - Reflected XSS  
999893 CVE-2019-9787 WEB-MISC WordPress before 4.9.7 - Remote Code Execution Vulnerability  
999894 CVE-2019-9568 WEB-MISC Forminator Contact Form, Poll & Quiz Builder WordPress Plugin prior to 1.6 Blind SQLi Vulnerability  
999895 CVE-2019-9567 WEB-MISC Forminator Contact Form, Poll & Quiz Builder WP Plugin prior to 1.6 Persistent XSS Vulnerability  
999877 CVE-2018-20062 WEB-MISC NoneCms V1.3 - ThinkPHP Filter Arbitrary PHP Code Execution Vulnerability  
999878 CVE-2019-9082 WEB-MISC Remote Code Execution Vulnerability in ThinkPHP 5.x prior to 5.1.32