Citrix ADC

Signature update for July 2022

New signatures rules are generated for the vulnerabilities identified in the week 2022-07-30. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signature version 90 applicable for NetScaler VPX 11.1, NetScaler 12.0, Citrix ADC 12.1, Citrix ADC 13.0, Citrix ADC 13.1 platforms.

Note

Enabling Post body and Response body signature rules might affect Citrix ADC CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule CVE ID Description
998929 CVE-2022-34871 WEB-MISC Centreon Prior to 21.10.6 - SQL Injection Vulnerability (CVE-2022-34871)
998930 CVE-2022-29846 WEB-MISC In Progress Ipswitch WhatsUp Gold - Information Disclosure Vulnerability (CVE-2022-29846)
998931 CVE-2022-29845 WEB-MISC In Progress Ipswitch WhatsUp Gold - Path Traversal Vulnerability (CVE-2022-29845)
998932 CVE-2022-28055 WEB-MISC FusionPBX Prior to 5.0.1 - Remote Code Execution Vulnerability (CVE-2022-28055)
998933 CVE-2022-26138 WEB-MISC Atlassian Questions For Confluence App - Hardcoded Credentials Vulnerability Via REST API (CVE-2022-26138)
998934 CVE-2022-26138 WEB-MISC Atlassian Questions For Confluence App - Hardcoded Credentials Vulnerability Via Login Form (CVE-2022-26138)
998935 CVE-2022-26135 WEB-MISC Jira Server and Data Center - Mobile Plugin Server-Side Request Forgery Vulnerability (CVE-2022-26135)
998936 CVE-2022-21445 WEB-MISC Oracle OBIEE ADF Faces - Deserialization of Untrusted Data Vulnerability (CVE-2022-21445)
998937 CVE-2022-2143 WEB-MISC Advantech iView Prior to 5.7.04.6469 - RCE Vulnerability Via NetworkServlet URI and fwfilename (CVE-2022-2143)
998938 CVE-2022-2143 WEB-MISC Advantech iView Prior to 5.7.04.6469 - RCE Vulnerability Via CommandServlet URI and fwfilename (CVE-2022-2143)
998939 CVE-2022-2143 WEB-MISC Advantech iView Prior to 5.7.04.6469 - RCE Vulnerability Via NetworkServlet URI and backup_filename (CVE-2022-2143)
998940 CVE-2022-2143 WEB-MISC Advantech iView Prior to 5.7.04.6469 - RCE Vulnerability Via CommandServlet URI and backup_filename (CVE-2022-2143)
998941 CVE-2022-2099 WEB-WORDPRESS WooCommerce Plugin Prior to 6.6.0 - Payment Gateway HTML Injection Vulnerability (CVE-2022-2099)
Signature update for July 2022