Signature update version 37
New signatures rules are generated for the vulnerabilities identified in version 37. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signature version 37 applicable for NetScaler VPX 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0 platforms.
Note
Enabling Post body and Response body signature rules might affect Citrix ADC CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
| Signature rule | CVE ID | Description |
|---|---|---|
| 999806 | CVE-2019-3394 | WEB-MISC Atlassian Confluence or Data Center - Local File Disclosure Vulnerability (CVE-2019-3394) |
| 999807 | CVE-2019-13569 | WEB-WORDPRESS Icegram Email Subscribers & Newsletters Plugin Prior to 4.1.8 - SQLi Via Esfpx_lists Param (CVE-2019-13569) |
| 999808 | CVE-2019-13569 | WEB-WORDPRESS Icegram Email Subscribers & Newsletters Plugin Prior to 4.1.8 - SQLi Via Order Param (CVE-2019-13569) |
| 999809 | CVE-2019-2768 | WEB-MISC Oracle BI Publisher - Predictable Session Token Vulnerability (CVE-2019-2768) |
| 999810 | CVE-2019-1003001 | WEB-MISC Jenkins Pipeline Groovy Plugin Up To 2.61 - Sandbox Bypass Vulnerability Via Job Update (CVE-2019-1003001) |
| 999811 | CVE-2019-13575 | WEB-WORDPRESS WPEverest Everest Forms Plugin Prior to 1.5.0 - SQL Injection (CVE-2019-13575) |
| 999812 | CVE-2019-15896 | WEB-WORDPRESS LifterLMS Plugin Up To 3.34.5 - Security Bypass Vulnerability (CVE-2019-15896) |
| 999813 | CVE-2019-3396 | WEB-MISC Atlassian Confluence or Data Center - Remote Code Execution Vulnerability (CVE-2019-3396) |
| 999814 | CVE-2019-5475 | WEB-MISC Sonatype Nexus Repository Manager Prior to 2.14.14 - Remote Code Execution Via Createrepo Path (CVE-2019-5475) |
| 999815 | CVE-2019-5475 | WEB-MISC Sonatype Nexus Repository Manager Prior to 2.14.14 - Remote Code Execution Via Mergerepo Path (CVE-2019-5475) |
| 999816 | CVE-2019-15104 | WEB-MISC Zoho ManageEngine OpManager Version Prior to 12.4 - SQL Injection Vulnerability (CVE-2019-15104) |
Signature update version 37
Copied!
Failed!