Signature update version 34

New signatures rules are generated for the vulnerabilities identified in version 34. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 34 applicable for NetScaler VPX 11.1, NetScaler 12.0, Citrix ADC 12.1, and Citrix ADC 13.0 platforms.

Note

Enabling Post body and Response body signature rules might affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
999843   WEB-WORDPRESS WordPress Plugin Ultimate Member Prior to Version 2.0.46 - Setting Arbitrary File For Read
999844   WEB-WORDPRESS WordPress Plugin Ultimate Member Prior to Version 2.0.46 - Arbitrary File Read
999845   WEB-WORDPRESS WordPress Plugin Ultimate Member Prior to Version 2.0.46 - File Removal Via File Replacement
999846   WEB-WORDPRESS WordPress Plugin Ultimate Member Prior to Version 2.0.46 - File Removal
999847   WEB-WORDPRESS WordPress Plugin Shortlinks Prior To 2.1.10 - CSV Injection Vulnerability
999848   WEB-WORDPRESS WordPress Plugin Shortlinks Prior To 2.1.10 - Unauthenticated Stored XSS Vulnerability
999849   WEB-WORDPRESS WordPress Plugin FV Flowplayer Video Player Prior To 7.3.13.727 - Unauthenticated Stored XSS Vulnerability
999850   WEB-WORDPRESS WordPress Plugin Easy Digital Downloads Prior To 2.9.16 - Unauthenticated Stored XSS Vulnerability
999851   WEB-WORDPRESS WordPress Plugin Crelly Slider Prior to version 1.3.5 - Arbitrary File Upload Vulnerability
999853 CVE-2019-2615 WEB-MISC Oracle WebLogic Server Information Disclosure Vulnerability
999854 CVE-2019-11872 WordPress Plugin Hustle Prior To 6.0.8.1 - CSV Injection Vulnerability
999855 CVE-2019-11231 WEB-MISC GetSimple CMS Version 3.3.15 and Prior - Arbitrary File Upload Vulnerability
999856 CVE-2019-11231 WEB-MISC GetSimple CMS Version 3.3.15 and Prior - API Key Information Disclosure
999857   WEB-WORDPRESS WordPress Plugin WP Database Backup Prior To 5.2 - Command Injection Vulnerability
999858   WEB-WORDPRESS WordPress Plugin Slick Popup Up To 1.7.1 - Privilege Escalation Vulnerability
999859 CVE-2019-12099 WEB-MISC PHP Fusion CMS Remote Code Execution Vulnerability in Version 9.03.00 and Prior