In Signatures Alert Articles
In Web App Firewall
In Citrix ADC 13.0
In Citrix ADC
In All products
Product documentation
In Signatures Alert Articles
In Web App Firewall
In Citrix ADC 13.0
In Citrix ADC
In All products
Citrix ADC
Current Release 12.1 11.1
View PDF

Signature update version 37

December 4, 2020
Contributed by: 
C

New signatures rules are generated for the vulnerabilities identified in version 37. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 37 applicable for NetScaler VPX 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0 platforms.

Note

Enabling Post body and Response body signature rules might affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
999806 CVE-2019-3394 WEB-MISC Atlassian Confluence or Data Center - Local File Disclosure Vulnerability (CVE-2019-3394)
999807 CVE-2019-13569 WEB-WORDPRESS Icegram Email Subscribers & Newsletters plug-in Prior to 4.1.8 - SQLi Via Esfpx_lists Param (CVE-2019-13569)
999808 CVE-2019-13569 WEB-WORDPRESS Icegram Email Subscribers & Newsletters plug-in Prior to 4.1.8 - SQLi Via Order Param (CVE-2019-13569)
999809 CVE-2019-2768 WEB-MISC Oracle BI Publisher - Predictable Session Token Vulnerability (CVE-2019-2768)
999810 CVE-2019-1003001 WEB-MISC Jenkins Pipeline Groovy plug-in Up To 2.61 - Sandbox Bypass Vulnerability Via Job Update (CVE-2019-1003001)
999811 CVE-2019-13575 WEB-WORDPRESS WPEverest Everest Forms plug-in Prior to 1.5.0 - SQL Injection (CVE-2019-13575)
999812 CVE-2019-15896 WEB-WORDPRESS LifterLMS plug-in Up To 3.34.5 - Security Bypass Vulnerability (CVE-2019-15896)
999813 CVE-2019-3396 WEB-MISC Atlassian Confluence or Data Center - Remote Code Execution Vulnerability (CVE-2019-3396)
999814 CVE-2019-5475 WEB-MISC Sonatype Nexus Repository Manager Prior to 2.14.14 - Remote Code Execution Via Createrepo Path (CVE-2019-5475)
999815 CVE-2019-5475 WEB-MISC Sonatype Nexus Repository Manager Prior to 2.14.14 - Remote Code Execution Via Mergerepo Path (CVE-2019-5475)
999816 CVE-2019-15104 WEB-MISC Zoho ManageEngine OpManager Version Prior to 12.4 - SQL Injection Vulnerability (CVE-2019-15104)
Signature update version 37
December 4, 2020
Contributed by: 
C
December 4, 2020
Contributed by: 
C

In this article

Site feedback | Privacy and legal terms | Cookie preferences | Consent settings
© 1999- Citrix Systems, Inc. All rights reserved.