Signature update for December 2020

New signatures rules are generated for the vulnerabilities identified in the week 2020-12-02. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 54 applicable for NetScaler VPX 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0 platforms.

Note:

Enabling Post body and Response body signature rules might affect Citrix ADC CPU. As part of signature update version 54, log string for signature 999720 is changed to ensure that it includes only ASCI characters.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
999394 CVE-2020-8255 WEB-MISC Pulse Connect Secure Prior To 9.1R9 - Information Disclosure Vulnerability (CVE-2020-8255)
999395 CVE-2020-6128 WEB-MISC OS4Ed OpenSIS Prior to 7.5 - SQLi Vulnerability Via CoursePeriodModal.php (CVE-2020-6128)
999396 CVE-2020-6126, CVE-2020-6127 WEB-MISC OS4Ed OpenSIS Prior to 7.5 - SQLi Vulnerability Via CoursePeriodModal.php (CVE-2020-6126, CVE-2020-6127)
999397 CVE-2020-28328 WEB-MISC SuiteCRM Prior to 7.11.16 - Remote Code Execution Vulnerability (CVE-2020-28328)
999398 CVE-2020-27995 WEB-MISC Zoho ManageEngine Applications Manager 14 Prior to Build 14560 - SQL Injection Vulnerability (CVE-2020-27995)
999399 CVE-2020-26879 WEB-MISC Ruckus vRIoT Server Prior to 1.6.0 - Authorization Bypass Vulnerability Via /service/ (CVE-2020-26879)
999400 CVE-2020-26879 WEB-MISC Ruckus vRIoT Server Prior to 1.6.0 - Authorization Bypass Vulnerability Via /reboot (CVE-2020-26879)
999401 CVE-2020-26879 WEB-MISC Ruckus vRIoT Server Prior to 1.6.0 - Authorization Bypass Vulnerability Via /patch/ (CVE-2020-26879)
999402 CVE-2020-26879 WEB-MISC Ruckus vRIoT Server Prior to 1.6.0 - Authorization Bypass Vulnerability Via /upgrade/ (CVE-2020-26879)
999403 CVE-2020-26879 WEB-MISC Ruckus vRIoT Server Prior to 1.6.0 - Authorization Bypass Vulnerability Via /module/ (CVE-2020-26879)
999404 CVE-2020-26878 WEB-MISC Ruckus vRIoT Server Prior to 1.6.0 - Arbitrary OS Command Injection Vulnerability (CVE-2020-26878)
999405 CVE-2020-25790 WEB-MISC Typesetter CMS 5.x Through 5.1 - Unsecure File Upload Vulnerability (CVE-2020-25790)
999406 CVE-2020-25540 WEB-MISC ThinkAdmin v6 - Directory Traversal Vulnerability (CVE-2020-25540)
999407 CVE-2020-14883 WEB-MISC Oracle WebLogic Server - Authenticated Remote Code Execution Vulnerability (CVE-2020-14883)
999408 CVE-2020-14882, CVE-2020-14750 WEB-MISC Oracle WebLogic Server - Authentication Bypass Vulnerability (CVE-2020-14882, CVE-2020-14750)
999409 CVE-2020-11975, CVE-2020-13942 WEB-MISC Apache Unomi Prior to 1.5.2 - Remote Code Execution Vulnerability (CVE-2020-11975, CVE-2020-13942)
999410 CVE-2020-11803 WEB-MISC Titan SpamTitan Prior To 7.08 - Remote Code Execution Vulnerability (CVE-2020-11803)
Signature update for December 2020