签名更新版本 34

针对版本 34 中识别的漏洞生成新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 34 适用于 NetScaler VPX 11.1、NetScaler 12.0、Citrix ADC 12.1 和 Citrix ADC 13.0 平台。

注意

启用后置正文和响应正文签名规则可能会影响 Citrix ADC CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
999843   WEB-WORDPRESS WordPress Plugin Ultimate Member Prior to Version 2.0.46 - Setting Arbitrary File For Read
999844   WEB-WORDPRESS WordPress Plugin Ultimate Member Prior to Version 2.0.46 - Arbitrary File Read
999845   WEB-WORDPRESS WordPress Plugin Ultimate Member Prior to Version 2.0.46 - File Removal Via File Replacement
999846   WEB-WORDPRESS WordPress Plugin Ultimate Member Prior to Version 2.0.46 - File Removal
999847   WEB-WORDPRESS WordPress Plugin Shortlinks Prior To 2.1.10 - CSV Injection Vulnerability
999848   WEB-WORDPRESS WordPress Plugin Shortlinks Prior To 2.1.10 - Unauthenticated Stored XSS Vulnerability
999849   WEB-WORDPRESS WordPress Plugin FV Flowplayer Video Player Prior To 7.3.13.727 - Unauthenticated Stored XSS Vulnerability
999850   WEB-WORDPRESS WordPress Plugin Easy Digital Downloads Prior To 2.9.16 - Unauthenticated Stored XSS Vulnerability
999851   WEB-WORDPRESS WordPress Plugin Crelly Slider Prior to version 1.3.5 - Arbitrary File Upload Vulnerability
999853 CVE-2019-2615 WEB-MISC Oracle WebLogic Server Information Disclosure Vulnerability
999854 CVE-2019-11872 WordPress Plugin Hustle Prior To 6.0.8.1 - CSV Injection Vulnerability
999855 CVE-2019-11231 WEB-MISC GetSimple CMS Version 3.3.15 and Prior - Arbitrary File Upload Vulnerability
999856 CVE-2019-11231 WEB-MISC GetSimple CMS Version 3.3.15 and Prior - API Key Information Disclosure
999857   WEB-WORDPRESS WordPress Plugin WP Database Backup Prior To 5.2 - Command Injection Vulnerability
999858   WEB-WORDPRESS WordPress Plugin Slick Popup Up To 1.7.1 - Privilege Escalation Vulnerability
999859 CVE-2019-12099 WEB-MISC PHP Fusion CMS Remote Code Execution Vulnerability in Version 9.03.00 and Prior

签名更新版本 34