ADC

签名更新版本 102

针对在 2023-02-03 周发现的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 102 适用于 NetScaler 11.1、NetScaler 12.0、Citrix ADC 12.1、Citrix ADC 13.0、Citrix ADC 13.1 平台。

注意

启用帖子正文和响应正文签名规则可能会影响 Citrix ADC CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
998774 CVE-2022-47966 WEB-MISC Zoho ManageEngine Products - RCE Vulnerability Via XSL Transformations in SamlResponseServlet Endpoint (CVE-2022-47966)
998775 CVE-2022-47966 WEB-MISC Zoho ManageEngine Products - RCE Vulnerability Via XSL Transformations in samlLogin Endpoint (CVE-2022-47966)
998776 CVE-2022-47615 WEB-WORDPRESS LearnPress Plugin Up to 4.1.7.3.2 - REST_ROUTE Local File Inclusion Vulnerability (CVE-2022-47615)
998777 CVE-2022-47615 WEB-WORDPRESS LearnPress Plugin Up to 4.1.7.3.2 - REST API Local File Inclusion Vulnerability (CVE-2022-47615)
998778 CVE-2022-46169 WEB-MISC Cacti Server Prior to 1.2.23 - Command Injection (CVE-2022-46169)
998779 CVE-2022-45808 WEB-WORDPRESS LearnPress Plugin Prior to 4.2 - REST_ROUTE SQL Injection Vulnerability via order_by (CVE-2022-45808)
998780 CVE-2022-45808 WEB-WORDPRESS LearnPress Plugin Prior to 4.2 - REST API SQL Injection Vulnerability via order_by (CVE-2022-45808)
998781 CVE-2022-45808 WEB-WORDPRESS LearnPress Plugin Prior to 4.2 - REST_ROUTE SQL Injection Vulnerability via order (CVE-2022-45808)
998782 CVE-2022-45808 WEB-WORDPRESS LearnPress Plugin Prior to 4.2 - REST API SQL Injection Vulnerability via order (CVE-2022-45808)
998783 CVE-2022-44877 WEB-MISC Control Web Panel (CWP) 7 Prior to 0.9.8.1147 - OS Command Injection Vulnerability (CVE-2022-44877)
998784 CVE-2022-43473 WEB-MISC Zoho ManageEngine OpManager Prior to 126141 - XML External Entity Injection Vulnerability (CVE-2022-43473)
998785 CVE-2022-43447 WEB-MISC Delta Electronics DIAEnergie - SQL Injection Vulnerability in AM_EBillAnalysis Via txtPf (CVE-2022-43447)
998786 CVE-2022-43447 WEB-MISC Delta Electronics DIAEnergie - SQL Injection Vulnerability in AM_EBillAnalysis Via txtFav (CVE-2022-43447)
998787 CVE-2022-4323 WEB-WORDPRESS Google Analyticator Plugin Prior to 6.5.6 - PHP Object Injection Vulnerability (CVE-2022-4323)
998788 CVE-2022-42904 WEB-MISC Zoho ManageEngine ADManager Plus Prior to 7160 - OS Command Injection Vulnerability (CVE-2022-42904)
998789 CVE-2022-34271 WEB-MISC Apache Atlas Prior to 2.3.0 - Arbitrary File Upload Vulnerability (CVE-2022-34271)
签名更新版本 102