Signature update for January 2021

New signatures rules are generated for the vulnerabilities identified in the week 2021-01-18. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 56 applicable for NetScaler VPX 11.1, NetScaler 12.0,Citrix ADC 12.1, Citrix ADC 13.0 platforms.

Note:

Enabling Post body and Response body signature rules might affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
999366 CVE-2020-8466 WEB-MISC Trend Micro IWSSVA 6.5 SP2 Prior to Build 1919 - Unauthenticated OS Command Injection Vulnerability (CVE-2020-8466)
999367 CVE-2020-6135 WEB-MISC OS4Ed OpenSIS Prior to 7.5 - SQLi Vulnerability Via Validator.php (CVE-2020-6135)
999368 CVE-2020-4001 WEB-MISC VMWare SD-WAN Orchestrator - Pass-the-Hash Vulnerability (CVE-2020-4001)
999369 CVE-2020-4000 WEB-MISC VMWare SD-WAN Orchestrator - Path Traversal Vulnerability (CVE-2020-4000)
999370 CVE-2020-3984 WEB-MISC VMWare SD-WAN Orchestrator - SQL Injection Vulnerability Via Modulus (CVE-2020-3984)
999371 CVE-2020-35606 WEB-MISC Webmin Up to 1.962 - Remote Code Execution Vulnerability (CVE-2020-35606)
999372 CVE-2020-17143 WEB-MISC Microsoft Exchange Server - Information Disclosure Vulnerability (CVE-2020-17143)
999373 CVE-2020-17141 WEB-MISC Microsoft Exchange Server - Remote Code Execution Vulnerability Via RouteComplaint (CVE-2020-17141)
999374 CVE-2020-10816 WEB-MISC Zoho ManageEngine Applications Manager 14 Prior to Build 14790 - Improper Authentication Vulnerability (CVE-2020-10816)
999375 CVE-2019-5533 WEB-MISC VMWare SD-WAN Orchestrator - Information Disclosure Vulnerability (CVE-2019-5533)
999376 CVE-2018-15961 WEB-MISC Adobe ColdFusion 12 Prior to Update 6 or 14 - Arbitrary File Upload Vulnerability (CVE-2018-15961)
Signature update for January 2021