Signature update version 34
New signatures rules are generated for the vulnerabilities identified in version 34. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signature version 34 is compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.
Citrix ADC version 12.0 has reached end of life (EOL). For more information, see release life cycle page.
Note
Enabling Post body and Response body signature rules might affect Citrix ADC CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
Signature rule | CVE ID | Description |
---|---|---|
999843 | WEB-WORDPRESS WordPress plug-in Ultimate Member Prior to Version 2.0.46 - Setting Arbitrary File For Read | |
999844 | WEB-WORDPRESS WordPress plug-in Ultimate Member Prior to Version 2.0.46 - Arbitrary File Read | |
999845 | WEB-WORDPRESS WordPress plug-in Ultimate Member Prior to Version 2.0.46 - File Removal Via File Replacement | |
999846 | WEB-WORDPRESS WordPress plug-in Ultimate Member Prior to Version 2.0.46 - File Removal | |
999847 | WEB-WORDPRESS WordPress plug-in Shortlinks Prior To 2.1.10 - CSV Injection Vulnerability | |
999848 | WEB-WORDPRESS WordPress plug-in Shortlinks Prior To 2.1.10 - Unauthenticated Stored cross-site scripting Vulnerability | |
999849 | WEB-WORDPRESS WordPress plug-in FV Flowplayer Video Player Prior To 7.3.13.727 - Unauthenticated Stored cross-site scripting Vulnerability | |
999850 | WEB-WORDPRESS WordPress plug-in Easy Digital Downloads Prior To 2.9.16 - Unauthenticated Stored cross-site scripting Vulnerability | |
999851 | WEB-WORDPRESS WordPress plug-in Crelly Slider Prior to version 1.3.5 - Arbitrary File Upload Vulnerability | |
999853 | CVE-2019-2615 | WEB-MISC Oracle WebLogic Server Information Disclosure Vulnerability |
999854 | CVE-2019-11872 | WordPress plug-in Hustle Prior To 6.0.8.1 - CSV Injection Vulnerability |
999855 | CVE-2019-11231 | WEB-MISC GetSimple CMS Version 3.3.15 and Prior - Arbitrary File Upload Vulnerability |
999856 | CVE-2019-11231 | WEB-MISC GetSimple CMS Version 3.3.15 and Prior - API Key Information Disclosure |
999857 | WEB-WORDPRESS WordPress plug-in WP Database Backup Prior To 5.2 - Command Injection Vulnerability | |
999858 | WEB-WORDPRESS WordPress plug-in Slick Popup Up To 1.7.1 - Privilege Escalation Vulnerability | |
999859 | CVE-2019-12099 | WEB-MISC PHP Fusion CMS Remote Code Execution Vulnerability in Version 9.03.00 and Prior |