Citrix ADC

Signature update version 27

December 16, 2021

Contributed by:

S S

New signatures rules are generated for the vulnerabilities identified in version 27. You can download and configure these signature rules to protect your appliance from security vulnerable attacks. The signature update includes the signature ID, signature version, and list of CVEs addressed.

Signature version

Signatures are compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.

Citrix ADC version 12.0 has reached end of life (EOL). For more information, see release life cycle page.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule	CVE ID	Description
999921	cve-2018-1002000	WEB-MISCWordpress Arigato Autoresponder and Newsletter SQL Injection vulnerability.
999920		WEB-MISCWordPress plug-in Corner Ad 1.0.7 - Stored Cross-Site Scripting
999919	cve-2018-1002009	WEB-MISCWordpress Arigato Autoresponder and Newsletter bft_unsubscribe cross-site scripting vulnerability.
999918	cve-2018-1002002	WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple cross-site scripting vulnerability.
999918	cve-2018-1002003	WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple cross-site scripting vulnerability.
999918	cve-2018-1002004	WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple cross-site scripting vulnerability.
999918	cve-2018-1002005	WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple cross-site scripting vulnerability.
999918	cve-2018-1002006	WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple cross-site scripting vulnerability.
999918	cve-2018-1002007	WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple cross-site scripting vulnerability.
999917	cve-2018-1002001	WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple cross-site scripting vulnerability.
999917	cve-2018-1002008	WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple cross-site scripting vulnerability.
999916	cve-2018-8719	WEB-MISCWordPress plug-in WP Security Audit Log - wp-content/uploads/wp-security-audit-log/* unrestricted access
999915	cve-2019-7743	WEB-MISC- Joomla phar:// stream wrapper object injection vulnerability execution of uploaded non-phar files
999914		WEB-MISCWordpress plug-in E-mail Subscribers and Newsletters 3.4.7 information disclosure vulnerability
999913		WEB-MISCWordPress plug-in AD Manager WD v1.0.11 - wd_ads_admin_class.php Arbitrary File Download
999912		WEB-IISMicrosoft IIS - Short File/Folder Name Disclosure

The official version of this content is in English. Some of the Citrix documentation content is machine translated for your convenience only. Citrix has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Citrix product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Citrix, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Citrix will not be held responsible for any damage or issues that may arise from using machine-translated content.

Signature update version 27

December 16, 2021

Contributed by:

S S

December 16, 2021

Contributed by:

S S

Signature update version 27

Signature version

Common Vulnerability Entry (CVE) insight

In this article