ADC

签名更新版本 100

针对在 2023-01-05 周发现的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 100 适用于 NetScaler 11.1、NetScaler 12.0、Citrix ADC 12.1、Citrix ADC 13.0、Citrix ADC 13.1 平台。

注意

启用帖子正文和响应正文签名规则可能会影响 Citrix ADC CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
998802 CVE-2022-47945 WEB-MISC ThinkPHP - Language File Inclusion RCE Vulnerability Via Header (CVE-2022-47945)
998803 CVE-2022-47945 WEB-MISC ThinkPHP - Language File Inclusion RCE Vulnerability via Cookie (CVE-2022-47945)
998804 CVE-2022-47945 WEB-MISC ThinkPHP - Language File Inclusion RCE Vulnerability via Form (CVE-2022-47945)
998805 CVE-2022-45462 WEB-MISC Apache DolphinScheduler Prior to 2.0.6 - OS Command Injection Vulnerability (CVE-2022-45462)
998806 CVE-2022-44635 WEB-MISC Apache Fineract Prior to 1.8.1 - File Upload Path Traversal Vulnerability (CVE-2022-44635)
998807 CVE-2022-43672 WEB-MISC Zoho ManageEngine Multiple Products - SQL Injection Vulnerability (CVE-2022-43672)
998808 CVE-2022-43671 WEB-MISC Zoho ManageEngine Multiple Products - SQL Injection Vulnerability (CVE-2022-43671)
998809 CVE-2022-41773 WEB-MISC Delta DIAEnergie - SQL Injection Vulnerability Via CheckDIACloud (CVE-2022-41773)
998810 CVE-2022-41351 WEB-MISC Zimbra Collaboration Suite 8.8.15 - XSS vulnerability (CVE-2022-41351)
998811 CVE-2022-41350 WEB-MISC Zimbra Collaboration Suite 8.8.15 - XSS vulnerability (CVE-2022-41350)
998812 CVE-2022-41133 WEB-MISC Delta Electronics DIAEnergie - SQLi Vulnerability Via GetDIAE_line_message_settingsListParameters (CVE-2022-41133)
998813 CVE-2022-40967 WEB-MISC Delta Electronics DIAEnergie - SQL Injection Vulnerability Via CheckIoTHubNameExisted (CVE-2022-40967)
998814 CVE-2022-34662 WEB-MISC Apache DolphinScheduler Prior to 2.0.6 - Path Traversal Vulnerability (CVE-2022-34662)
998815 CVE-2022-3383,CVE-2022-3384 WEB-WORDPRESS WordPress Plugin Ultimate Member Prior to 2.5.2 - Command Injection Vulnerability (CVE-2022-3383, CVE-2022-3384)
998816 CVE-2022-31698 WEB-MISC VMWare vCenter Server Prior to 6.5U3u, 6.7.0U3s and 7.0U3i - Denial of Service Vulnerability (CVE-2022-31698)
998817 CVE-2022-20867 WEB-MISC Cisco Email Security Appliance - SQL Injection Vulnerability (CVE-2022-20867)
签名更新版本 100