Signature update version 112

New signatures rules are generated for the vulnerabilities identified in the week 2023-08-30. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 112 applicable for NetScaler 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, NetScaler 13.1, NetScaler 14.1 platforms.

Note

Enabling Post body and Response body signature rules might affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
998632 CVE-2023-39526 WEB-MISC PrestaShop Prior to 8.0.5, 8.1.1 and 1.7.8.10 - Arbitrary File Write Vulnerability via OUTFILE (CVE-2023-39526)
998633 CVE-2023-39526 WEB-MISC PrestaShop Prior to 8.0.5, 8.1.1 and 1.7.8.10 - Arbitrary File Write Vulnerability via DUMPFILE (CVE-2023-39526)
998634 CVE-2023-39143 WEB-MISC PaperCut NG/MF Prior to 22.1.3 - Path Traversal Vulnerability in CustomReportExampleServlet (CVE-2023-39143)
998635 CVE-2023-37979 WEB-WORDPRESS Ninja Forms Contact Form Plugin Up to 3.6.25 - Cross-Site Scripting Vulnerability (CVE-2023-37979)
998636 CVE-2023-33652 WEB-MISC Sitecore - Remote Code Execution Vulnerability (CVE-2023-33652)
998637 CVE-2023-32563 WEB-MISC Ivanti Avalanche Prior to 6.4.1 - Arbitrary File Upload Vulnerability (CVE-2023-32563)
998638 CVE-2023-29357 WEB-MISC Microsoft SharePoint Server - Elevation of Privilege Vulnerability via access_token/prooftoken (CVE-2023-29357)
998639 CVE-2023-29357 WEB-MISC Microsoft SharePoint Server - Elevation of Privilege Vulnerability via Authorization Header (CVE-2023-29357)
998640 CVE-2023-22480 WEB-MISC KubeOperator Prior to 3.16.4 - Improper Authorization Vulnerability (CVE-2023-22480)
Signature update version 112