Citrix ADC

Signature update for December 2021

New signatures rules are generated for the vulnerabilities identified in the week 2021-12-11. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signatures are compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.

Citrix ADC version 12.0 has reached end of life (EOL). For more information, see release life cycle page.

Note:

Enabling Post body and Response body signature rules might affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
999077 CVE-2021-44228 WEB-MISC Apache Log4j - Remote Code Execution Vulnerability via FORM (CVE-2021-44228)
999078 CVE-2021-44228 WEB-MISC Apache Log4j - Remote Code Execution Vulnerability via BODY (CVE-2021-44228)
999079 CVE-2021-44228 WEB-MISC Apache Log4j - Remote Code Execution Vulnerability via HEADER (CVE-2021-44228)
999080 CVE-2021-44228 WEB-MISC Apache Log4j - Remote Code Execution Vulnerability via URL (CVE-2021-44228)
999081 CVE-2021-42847 WEB-MISC Zoho ManageEngine ADAudit Plus Prior to 7006 - Unauthenticated Arbitrary File Write Vulnerability (CVE-2021-42847)
999082 CVE-2021-42321 WEB-MISC Microsoft Exchange Server - Remote Code Execution Vulnerability (CVE-2021-42321)
999083 CVE-2021-42258 WEB-MISC BQE BillQuick Web Suite 2021 - Unauthenticated SQL Injection Vulnerability Via txtID (CVE-2021-42258)
999084 CVE-2021-42258 WEB-MISC BQE BillQuick Web Suite 2020 - Unauthenticated SQL Injection Vulnerability Via txtID (CVE-2021-42258)
999085 CVE-2021-42258 WEB-MISC BQE BillQuick Web Suite 2019 - Unauthenticated SQL Injection Vulnerability Via txtID (CVE-2021-42258)
999086 CVE-2021-42258 WEB-MISC BQE BillQuick Web Suite 2018 - Unauthenticated SQL Injection Vulnerability Via txtID (CVE-2021-42258)
999087 CVE-2021-42237 WEB-MISC Sitecore From 7.5.0 To 8.2.7 - Remote Code Execution Vulnerability (CVE-2021-42237)
999088 CVE-2021-41950 WEB-MISC ResourceSpace 9.6 prior to rev 18277 - Unauthenticated Path Traversal Vulnerability via variant (CVE-2021-41950)
999089 CVE-2021-41950 WEB-MISC ResourceSpace 9.6 prior to rev 18277 - Unauthenticated Path Traversal Vulnerability via provider (CVE-2021-41950)
999090 CVE-2021-41349 WEB-MISC Microsoft Exchange Server - Cross-Site Scripting Vulnerability (CVE-2021-41349)
999091 CVE-2021-35217 WEB-MISC SolarWinds Orion Prior to 2020.2.6 HF1 - Deserialization Vulnerability Via WSAsyncExecuteTasks.aspx (CVE-2021-35217)
999092 CVE-2021-34416 WEB-MISC Zoom Meeting Connector 4.6.360.20210325 - Remote Code Execution Vulnerability (CVE-2021-34416)
999093 CVE-2021-22941 WEB-MISC Citrix ShareFile Storage Prior To 5.11.20 - Improper Access Control Vulnerability (CVE-2021-22941)
999094 CVE-2020-35136 WEB-MISC Dolibarr Prior to 12.0.4 - Remote Code Execution Vulnerability Via zipfilename_template and bz (CVE-2020-35136)
999095 CVE-2020-35136 WEB-MISC Dolibarr Prior to 12.0.4 - Remote Code Execution Vulnerability Via zipfilename_template and gz (CVE-2020-35136)
999096 CVE-2020-2950, CVE-2021-2456 WEB-MISC Oracle BI Publisher - Arbitrary Files Upload Vulnerability (CVE-2020-2950, CVE-2021-2456)
999097 CVE-2020-2950, CVE-2021-2456 WEB-MISC Oracle BI Publisher - Remote Code Execution Vulnerability (CVE-2020-2950, CVE-2021-2456)
Signature update for December 2021