Signature update for April 2021

New signature rules have been generated for the vulnerabilities identified in the week of 2021-04-08. You can download and configure these signature rules to protect your appliance from attacks that exploit these vulnerabilities.

Signature version

Signature version 63 is applicable to NetScaler VPX 11.1, NetScaler 12.0, Citrix ADC 12.1, and Citrix ADC 13.0 platforms.

Note:

Enabling Post body and Response body signature rules might affect Citrix ADC CPU usage.

Common Vulnerability Entry (CVE) insight

The following is a list of signature rules, CVE IDs, and their descriptions.

Signature rule  CVE ID          Description
999294          CVE-2021-3273   WEB-MISC NagiosXI Prior to 5.7 - Code Injection Vulnerability (CVE-2021-3273)
999295          CVE-2021-3197   WEB-MISC SaltStack Prior to 3002.3 - Remote Code Execution Vulnerability Via ssh_priv (CVE-2021-3197)
999296          CVE-2021-3197   WEB-MISC SaltStack Prior to 3002.3 - Remote Code Execution Vulnerability Via ssh_port (CVE-2021-3197)
999297          CVE-2021-3197   WEB-MISC SaltStack Prior to 3002.3 - Remote Code Execution Vulnerability Via ssh_options (CVE-2021-3197)
999298          CVE-2021-3197   WEB-MISC SaltStack Prior to 3002.3 - Remote Code Execution Vulnerability Via ProxyCommand in JSON Object (CVE-2021-3197)
999299          CVE-2021-25282  WEB-MISC SaltStack Prior to 3002.3 - Path Traversal Vulnerability Via pillar_roots.write (CVE-2021-25282)
999300          CVE-2021-24166  WEB-WORDPRESS Ninja Forms Plugin Prior to 3.4.34 - CSRF Vulnerability (CVE-2021-24166)
999301          CVE-2021-24085  WEB-MISC Microsoft Exchange Server - Spoofing Vulnerability (CVE-2021-24085)
999302          CVE-2021-22986  WEB-MISC F5 iControl REST API - Remote Code Execution Vulnerability (CVE-2021-22986)
999303          CVE-2021-21978  WEB-MISC VMWare View Planner Harness 4.x prior to 4.6 Security Patch 1 - Remote Code Execution Vulnerability (CVE-2021-21978)
999304          CVE-2020-23132  WEB-MISC Joomla! Prior to 3.9.25 - Unsafe com_media Upload Path Vulnerability Via file_path (CVE-2020-23132)
999305          CVE-2020-23132  WEB-MISC Joomla! Prior to 3.9.25 - Unsafe com_media Upload Path Vulnerability Via image_path (CVE-2020-23132)
999306          CVE-2020-22425  WEB-MISC Centreon Prior to 20.10.4 - SQL Injection Vulnerability (CVE-2020-22425)