2020 年 6 月的签名更新

针对 2020-06-03 周发现的漏洞生成新的特征码规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 46 适用于 NetScaler VPX 11.1、NetScaler 12.0、Citrix ADC 12.1、Citrix ADC 13.0 平台。

注意:

启用后置正文和响应正文签名规则可能会影响 Citrix ADC CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
999643   WEB-WORDPRESS 10Web Map Builder for Google Maps Plugin Prior to 10.0.64 - Unauthenticated XSS Vulnerability Via gmwd_setup Page
999644   WEB-WORDPRESS 10Web Map Builder for Google Maps Plugin 10.0.64 and Prior - XSS Vulnerability Via options_gmwd Page
999645 CVE-2020-5187 WEB-MISC DNN Up To 9.4.4 - Path Traversal Vulnerability Via URL (CVE-2020-5187)
999646 CVE-2020-5187 WEB-MISC DNN Up To 9.4.4 - Path Traversal Vulnerability Via Local (CVE-2020-5187)
999647 CVE-2020-9335 WEB-WORDPRESS Photo Gallery Plugin Prior to 1.5.46 - XSS Vulnerability Via image_alt_text_ Field (CVE-2020-9335)
999648 CVE-2020-9335 WEB-WORDPRESS Photo Gallery Plugin Prior to 1.5.46 - XSS Vulnerability Via Name Field (CVE-2020-9335)
999649 CVE-2020-9335 WEB-WORDPRESS Photo Gallery Plugin Prior to 1.5.46 - XSS Vulnerability Via Description Fields (CVE-2020-9335)
999650 CVE-2020-10189 WEB-MISC Zoho ManageEngine Desktop Central Prior to 10.0.479 - Unauthenticated Remote Code Execution Vuln (CVE-2020-10189)
999651 CVE-2020-10189 WEB-MISC Zoho ManageEngine Desktop Central Prior to 10.0.479 - Unauthenticated Arbitrary File Upload Vuln (CVE-2020-10189)
999652   WEB-WORDPRESS Flexible Checkout Fields for WooCommerce Plugin Prior to 2.3.2 - Unauthenticated Settings Modification Vuln
999653 CVE-2020-0688 WEB-MISC Microsoft Exchange Server - Validation Key Remote Code Execution Vulnerability (CVE-2020-0688)
999654 CVE-2020-8947, CVE-2019-20224 WEB-MISC Artica Pandora FMS 7.0 - Remote Code Execution Vulnerability Via ip_src Parameter (CVE-2020-8947, CVE-2019-20224)
999655 CVE-2020-8947, CVE-2019-20224 WEB-MISC Artica Pandora FMS 7.0 - Remote Code Execution Vulnerability Via dst_port Parameter (CVE-2020-8947, CVE-2019-20224)
999656 CVE-2020-8947, CVE-2019-20224 WEB-MISC Artica Pandora FMS 7.0 - Remote Code Execution Vulnerability Via src_port Parameter (CVE-2020-8947, CVE-2019-20224)
999657 CVE-2020-8947, CVE-2019-20224 WEB-MISC Artica Pandora FMS 7.0 - Remote Code Execution Vulnerability Via ip_dst Parameter (CVE-2020-8947, CVE-2019-20224)
999658 CVE-2020-5186 WEB-MISC DNN Up To 9.5.0 - Cross Site Scripting Vulnerability Via Journal XML Upload (CVE-2020-5186)
999659   WEB-WORDPRESS WP Sitemap Page Plugin 1.6.2 and Prior - XSS Vulnerability Via wsp_exclude_pages
999660 CVE-2020-5188 WEB-MISC DNN Up To 9.5.0 - Insecure Permissions Vulnerability Via UploadFromUrl (CVE-2020-5188)
999661 CVE-2020-5188 WEB-MISC DNN Up To 9.5.0 - Insecure Permissions Vulnerability Via UploadFromLocal (CVE-2020-5188)
999662 CVE-2020-7799 WEB-MISC FusionAuth Prior To 1.11.0 - Remote Code Execution Vulnerability Via API Theme (CVE-2020-7799)
999663 CVE-2020-7799 WEB-MISC FusionAuth Prior To 1.11.0 - Remote Code Execution Vulnerability Via API Email Template (CVE-2020-7799)
999664 CVE-2020-7799 WEB-MISC FusionAuth Prior To 1.11.0 - Remote Code Execution Vulnerability Via GUI Theme (CVE-2020-7799)
999665 CVE-2020-7799 WEB-MISC FusionAuth Prior To 1.11.0 - Remote Code Execution Vulnerability Via GUI Email Template (CVE-2020-7799)

2020 年 6 月的签名更新