Citrix ADC

Signature update for Feb 2022

New signatures rules are generated for the vulnerabilities identified in the week 2022-02-25. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 77 applicable for NetScaler VPX 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, Citrix ADC 13.1 platforms.

Note:

Enabling Post body and Response body signature rules might affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
999034   WEB-WORDPRESS WordPress 5.9 - Stored XSS Vulnerability Via Page Excerpt in Json Object
999035   WEB-WORDPRESS WordPress 5.9 - Stored XSS Vulnerability Via Page Excerpt in Form
999036   WEB-WORDPRESS WordPress 5.9 - Stored XSS Vulnerability Via post.php
999037   WEB-WORDPRESS WordPress 5.9 - Stored XSS Vulnerability Via Post Excerpt in Json Object
999038   WEB-WORDPRESS WordPress 5.9 - Stored XSS Vulnerability Via Post Excerpt in Form
999039   WEB-MISC Path Traversal Vulnerability Via Form Field Values
999040   WEB-MISC Path Traversal Vulnerability Via URI
999041 CVE-2022-23221 WEB-MISC H2 Console Prior to 2.1.210 - Remote Code Execution Vulnerability Via test.do (CVE-2022-23221)
999042 CVE-2022-23221 WEB-MISC H2 Console Prior to 2.1.210 - Remote Code Execution Vulnerability Via login.do (CVE-2022-23221)
999043 CVE-2022-21662 WEB-WORDPRESS WordPress Prior to 5.8.3 - Stored Cross-Site Scripting Vulnerability (CVE-2022-21662)
999044 CVE-2022-0320 WEB-WORDPRESS The Essential Addons for Elementor Plugin Prior to 5.0.5 - LFI Via eael_product_gallery (CVE-2022-0320)
999045 CVE-2022-0320 WEB-WORDPRESS The Essential Addons for Elementor Plugin Prior to 5.0.5 - LFI Via woo_product_pagination_product (CVE-2022-0320)
999046 CVE-2022-0320 WEB-WORDPRESS The Essential Addons for Elementor Plugin Prior to 5.0.5 - LFI Via load_more (CVE-2022-0320)
Signature update for Feb 2022