ADC

Signature update version 49

New signatures rules are generated for the vulnerabilities identified in the week 2020-08-26. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 49 is compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.

Citrix ADC version 12.0 has reached end of life (EOL). For more information, see release life cycle page.

Note:

Enabling Post body and Response body signature rules might affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
999556 CVE-2020-13241 WEB-MISC Microweber 1.1.18 - Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-13241)
999557 CVE-2020-3250 WEB-MISC Cisco UCS Director - REST API Path Traversal Vulnerability Via userAPIDownloadFile (CVE-2020-3250)
999558   WEB-WORDPRESS PageBuilder KingComposer plug-in Prior to 2.9.4 - Arbitrary Deletion of Directories Via action=bulk-delete
999559   WEB-WORDPRESS PageBuilder KingComposer plug-in Prior to 2.9.4 - Remote Code Execution Vulnerability Via action=upload
999560 CVE-2018-1999024 WEB-MISC Moodle - MathJax Unicode cross-site scripting Vulnerability (CVE-2018-1999024)
999561 CVE-2020-13693 WEB-WORDPRESS bbPress plug-in Prior To 2.6.5 - Unauthenticated Privilege Escalation Vulnerability (CVE-2020-13693)
999562 CVE-2020-12847 WEB-MISC Pydio Cells Prior to 2.0.7 - Remote Code Execution Vulnerability (CVE-2020-12847)
Signature update version 49