Signature update for December 2021

New signatures rules are generated for the vulnerabilities identified in the week 2021-12-13. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 73 is compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.

Citrix ADC version 12.0 has reached end of life (EOL). For more information, see release life cycle page.

Note:

Enabling Post body and Response body signature rules might affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description that are updated.

Note:

The below signature rules (999077, 999078, 999079, 999080) addresses both CVEs (CVE-2021-44228, and CVE-2021-45046).

Signature rule CVE ID Description
999077 CVE-2021-44228, CVE-2021-45046 WEB-MISC Apache Log4j - Remote Code Execution Vulnerability via FORM (CVE-2021-44228, CVE-2021-45046)
999078 CVE-2021-44228, CVE-2021-45046 WEB-MISC Apache Log4j - Remote Code Execution Vulnerability via BODY (CVE-2021-44228, CVE-2021-45046)
999079 CVE-2021-44228, CVE-2021-45046 WEB-MISC Apache Log4j - Remote Code Execution Vulnerability via HEADER (CVE-2021-44228, CVE-2021-45046)
999080 CVE-2021-44228, CVE-2021-45046 WEB-MISC Apache Log4j - Remote Code Execution Vulnerability via URL (CVE-2021-44228, CVE-2021-45046)
Signature update for December 2021