Signature update for February 2021
New signatures rules are generated for the vulnerabilities identified in the week 2021-02-17. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signature version 58 applicable for NetScaler VPX 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0 platforms.
Note:
Enabling Post body and Response body signature rules might affect Citrix ADC CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
Signature rule | CVE ID | Description |
---|---|---|
999328 | CVE-2021-3317 | WEB-MISC KLog Server 2.4.1 and Prior - OS Command Injection Vulnerability (CVE-2021-3317) |
999329 | CVE-2021-3110 | WEB-MISC PrestaShop Prior to 1.7.7.1 - SQL Injection Vulnerability Via id_products (CVE-2021-3110) |
999330 | CVE-2021-3110 | WEB-MISC PrestaShop Prior to 1.7.7.1 - SQL Injection Vulnerability Via /module/productcomments/CommentGrade (CVE-2021-3110) |
999331 | CVE-2021-25646 | WEB-MISC Apache Druid Prior to 0.20.1 - Remote Code Execution Vulnerability (CVE-2021-25646) |
999332 | CVE-2020-36171 | WEB-WORDPRESS Elementor Page Builder Plugin Prior to 3.0.14 - XSS Vulnerability (CVE-2020-36171) |
999333 | CVE-2020-35765 | WEB-MISC Zoho ManageEngine Applications Manager Prior to Build 15000 - SQL Injection Vulnerability (CVE-2020-35765) |
999334 | CVE-2020-35589 | WEB-WORDPRESS Limit Login Attempts Reloaded Prior to 2.15.2 - Reflected Cross-Site Scripting Vulnerability (CVE-2020-35589) |
999335 | CVE-2020-26282 | WEB-MISC BrowserUp Proxy Prior to 2.1.2 - Template Injection Leading To RCE Vulnerability Via mostRecentEntry (CVE-2020-26282) |
999336 | CVE-2020-26282 | WEB-MISC BrowserUp Proxy Prior to 2.1.2 - Template Injection Leading To RCE Vulnerability Via entries (CVE-2020-26282) |
999337 | CVE-2020-14815 | WEB-MISC Oracle Business Intelligence Enterprise Edition - Reflected Cross-Site Scripting Vulnerability (CVE-2020-14815) |
999338 | WEB-WORDPRESS Contact Form 7 Database Addon Prior to 1.2.5.4 - SQLi Vulnerability Via Delete Bulk Action |
Signature update for February 2021
Copied!
Failed!