Signature update for October 2021

New signature rules are generated for the vulnerabilities identified in the week of 2021-10-26. You can download and configure these signature rules to protect your appliance from attacks that exploit security vulnerabilities.

Signature version

Signature version 70 is applicable to the NetScaler VPX 11.1, NetScaler 12.0, Citrix ADC 12.1, and Citrix ADC 13.0 platforms.

Note:

Enabling Post body and Response body signature rules might affect Citrix ADC CPU usage.

Common Vulnerability Entry (CVE) insight

The following is a list of signature rules, their CVE IDs, and their descriptions.

| Signature rule | CVE ID | Description |
|---|---|---|
| 999127 | CVE-2021-42013 | WEB-MISC Apache HTTP Server 2.4.49 and 2.4.50 - Path Traversal Vulnerability Via %%32 (CVE-2021-42013) |
| 999128 | CVE-2021-42013 | WEB-MISC Apache HTTP Server 2.4.49 and 2.4.50 - Path Traversal Vulnerability Via %2% (CVE-2021-42013) |
| 999129 | CVE-2021-41773 | WEB-MISC Apache HTTP Server 2.4.49 - Path Traversal Vulnerability Via %2e%2e (CVE-2021-41773) |
| 999130 | CVE-2021-41773 | WEB-MISC Apache HTTP Server 2.4.49 - Path Traversal Vulnerability Via .%2e (CVE-2021-41773) |
| 999131 | CVE-2021-40539 | WEB-MISC Zoho ManageEngine ADSelfService Plus 6.1 Prior to Build 6114 - Authentication Bypass Vulnerability (CVE-2021-40539) |
| 999132 | CVE-2021-34648 | WEB-WORDPRESS Ninja Forms Plugin Up to 3.5.7 - REST_ROUTE Vulnerability via submissions email-action (CVE-2021-34648) |
| 999133 | CVE-2021-34648 | WEB-WORDPRESS Ninja Forms Plugin Up to 3.5.7 - REST API Vulnerability via submissions email-action (CVE-2021-34648) |
| 999134 | CVE-2021-34647 | WEB-WORDPRESS Ninja Forms Plugin Up to 3.5.7 - REST_ROUTE Vulnerability via Submissions Export (CVE-2021-34647) |
| 999135 | CVE-2021-34647 | WEB-WORDPRESS Ninja Forms Plugin Up to 3.5.7 - REST API Vulnerability via Submissions Export (CVE-2021-34647) |
| 999136 | CVE-2021-34623 | WEB-WORDPRESS ProfilePress Plugin Prior to 3.1.4 - Arbitrary File Upload Vulnerability Via eup_cover_image (CVE-2021-34623) |
| 999137 | CVE-2021-34623 | WEB-WORDPRESS ProfilePress Plugin Prior to 3.1.4 - Arbitrary File Upload Vulnerability Via eup_avatar (CVE-2021-34623) |
| 999138 | CVE-2021-2400 | WEB-MISC Oracle BI Publisher - SAXParser XXE Vulnerability Via mobile X ReportTemplateService (CVE-2021-2400) |
| 999139 | CVE-2021-2400 | WEB-MISC Oracle BI Publisher - SAXParser XXE Vulnerability Via mobile ReportTemplateService (CVE-2021-2400) |
| 999140 | CVE-2021-2400 | WEB-MISC Oracle BI Publisher - SAXParser XXE Vulnerability Via xmlpservice X ReportTemplateService (CVE-2021-2400) |
| 999141 | CVE-2021-2400 | WEB-MISC Oracle BI Publisher - SAXParser XXE Vulnerability Via xmlpservice ReportTemplateService (CVE-2021-2400) |
| 999142 | CVE-2021-21985 | WEB-MISC VMWare vCenter - Virtual SAN Health Check Plugin Remote Code Execution Vulnerability (CVE-2021-21985) |
| 999143 | CVE-2021-20078 | WEB-MISC Zoho ManageEngine OpManager 12.5 Prior to Build 125362 - Path Traversal Vulnerability (CVE-2021-20078) |
| 999144 | CVE-2020-29448 | WEB-MISC Atlassian Confluence Server and Data Center - Information Disclosure Vulnerability Via WEB-INF (CVE-2020-29448) |
| 999145 | CVE-2020-29448 | WEB-MISC Atlassian Confluence Server and Data Center - Information Disclosure Vulnerability Via META-INF (CVE-2020-29448) |
| 999146 | CVE-2020-12442 | WEB-MISC Ivanti Avalanche 6.3 - Unauthenticated SQL Injection Vulnerability Via osupdate Endpoint (CVE-2020-12442) |
| 999147 | CVE-2020-12442 | WEB-MISC Ivanti Avalanche 6.3 - Unauthenticated SQL Injection Vulnerability Via wapl Endpoint (CVE-2020-12442) |
| 999148 |  | WEB-WORDPRESS BuddyPress Plugin Prior to 9.1.1 - SQL Injection Vulnerability Via bp-members-invitations Feature |