Citrix ADC

Signature update for March 2022

New signatures rules are generated for the vulnerabilities identified in the week 2022-03-29. You can download and configure these signature rules to protect your appliance from security vulnerable attack.

Signature version

Signature version 78 applicable for NetScaler VPX 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, Citrix ADC 13.1 platforms.

Note:

Enabling Post body and Response body signature rules might affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
999006   WEB-MISC Zabbix Multiple Versions - Remote Code Execution Vulnerability Via items.php
999007 CVE-2022-24266 WEB-MISC Cuppa CMS v1.0 - SQL Injection Vulnerability via order_orientation (CVE-2022-24266)
999008 CVE-2022-24266 WEB-MISC Cuppa CMS v1.0 - SQL Injection Vulnerability via order_by (CVE-2022-24266)
999009 CVE-2022-22005 WEB-MISC Microsoft SharePoint - RCE Via Deserialization of Untrusted Data Vulnerability (CVE-2022-22005)
999010 CVE-2022-21705 WEB-MISC OctoberCMS Prior to Build 474 and v1.1.10 - Remote Code Execution Vulnerability (CVE-2022-21705)
999011 CVE-2022-0557 WEB-MISC Microweber Prior to 1.2.11 - Remote Code Execution Vulnerability (CVE-2022-0557)
999012 CVE-2022-0513 WEB-WORDPRESS WP Statistics Plugin Prior to 13.1.5 - Blind SQL Injection Vulnerability (CVE-2022-0513)
999013 CVE-2022-0332 WEB-MISC Moodle 3.11.0 to 3.11.4 - H5P Activity SQL Injection Vulnerability (CVE-2022-0332)
999014 CVE-2021-46088 WEB-MISC Zabbix Multiple Versions - Remote Code Execution Vulnerability (CVE-2021-46088)
999015 CVE-2021-43789 WEB-MISC PrestaShop Prior to 1.7.8.2 - SQL Injection Vulnerability Via sortOrder (CVE-2021-43789)
999016 CVE-2021-43789 WEB-MISC PrestaShop Prior to 1.7.8.2 - SQL Injection Vulnerability Via orderBy (CVE-2021-43789)
999017 CVE-2021-43408 WEB-WORDPRESS Duplicate Post Plugin Prior to 1.1.9 - SQL Injection Vulnerability (CVE-2021-43408)
999018 CVE-2021-43319 WEB-MISC Zoho ManageEngine NCM Prior to 125488 - OS Command Injection Vulnerability (CVE-2021-43319)
999019 CVE-2021-41282 WEB-MISC pfSense 2.5.2 - Remote Code Execution Vulnerability (CVE-2021-41282)
999020 CVE-2021-39115, CVE-2021-43947 WEB-MISC Atlassian Jira Server and Data Center - Server Side Template Injection Vulnerability (CVE-2021-39115, CVE-2021-43947)
999021 CVE-2021-38452 WEB-MISC Moxa MXview Network Management Prior to 3.2.2 - Path Traversal Vulnerability (CVE-2021-38452)
999022 CVE-2021-37918 WEB-MISC Zoho ManageEngine ADManager Plus Prior to 7111 - Path Traversal Vulnerability Via domainName (CVE-2021-37918)
999023 CVE-2021-37918 WEB-MISC Zoho ManageEngine ADManager Plus Prior to 7111 - Path Traversal Vulnerability Via bm_operationId (CVE-2021-37918)
999024 CVE-2021-37918 WEB-MISC Zoho ManageEngine ADManager Plus Prior to 7111 - RCE Via Arbitrary File Upload Vulnerability (CVE-2021-37918)
999025 CVE-2021-32649 WEB-MISC OctoberCMS Prior to Build 473 and v1.1.6 - Remote Code Execution Vulnerability via Twig (CVE-2021-32649)
999026 CVE-2021-32648 WEB-MISC OctoberCMS Prior to Build 472 and v1.1.5 - Password Reset Vulnerability (CVE-2021-32648)
999027 CVE-2021-32099, CVE-2020-26518 WEB-MISC Artica Pandora Prior to 743 - SQL Injection Vulnerability Via chart_generator (CVE-2021-32099, CVE-2020-26518)
999028 CVE-2021-32098 WEB-MISC Artica Pandora Prior to 743 - Phar Deserialization Vulnerability Via progressbubble (CVE-2021-32098)
999029 CVE-2021-32098 WEB-MISC Artica Pandora Prior to 743 - Phar Deserialization Vulnerability Via progressbar (CVE-2021-32098)
999030 CVE-2021-30149 WEB-MISC Composr 10.0.36 - Remote Code Execution Vulnerability (CVE-2021-30149)
999031 CVE-2021-25114 WEB-WORDPRESS Paid Memberships Pro Plugin Prior to 2.6.7 - SQLi Vulnerability Via rest_route and discount_code (CVE-2021-25114)
999032 CVE-2021-25114 WEB-WORDPRESS Paid Memberships Pro Plugin Prior to 2.6.7 - SQLi Vulnerability Via wp-json and discount_code (CVE-2021-25114)
999033 CVE-2021-21984 WEB-MISC VMware vRealize Business for Cloud 7.x prior to 7.6.0 - Remote Code Execution Vulnerability (CVE-2021-21984)
Signature update for March 2022