2020 年 6 月的签名更新

针对 2020-06-12 周发现的漏洞生成新的特征码规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 47 适用于 NetScaler VPX 11.1、NetScaler 12.0、Citrix ADC 12.1、Citrix ADC 13.0 平台。

注意:

启用后置正文和响应正文签名规则可能会影响 Citrix ADC CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
999580 CVE-2020-6010 WEB-WORDPRESS LearnPress LMS Plugin Prior to 3.2.6.9 - SQL Injection Vulnerability (CVE-2020-6010)
999581   WEB-MISC Nagios XI Up To 5.6.13 - Service Command_Test Arbitrary Command Execution Vulnerability
999582 CVE-2020-0932 Microsoft SharePoint Server - WebPart Source Markup Remote Code Execution Vulnerability Via SOAP 1.2 (CVE-2020-0932)
999583 CVE-2020-0932 Microsoft SharePoint Server - WebPart Source Markup Remote Code Execution Vulnerability Via SOAP 1.1 (CVE-2020-0932)
999584 CVE-2020-12642 WEB-WORDPRESS Ninja Forms Plugin Prior to 3.4.24.2 - Cross-Site Request Forgery Vulnerability via Import Fields (CVE-2020-12642)
999585 CVE-2020-12642 WEB-WORDPRESS Ninja Forms Plugin Prior to 3.4.24.2 - Cross-Site Request Forgery Vulnerability via Import Form (CVE-2020-12642)
999586 CVE-2020-11450 WEB-MISC Microstrategy Web 10.4 - Information Disclosure Vulnerability (CVE-2020-11450)
999587 CVE-2020-7935 WEB-MISC Artica Pandora FMS 7.0 - Unrestricted Upload of File With Dangerous Type Vulnerability Allows RCE (CVE-2020-7935)
999588 CVE-2020-12116 WEB-MISC Zoho ManageEngine OpManager Prior to Build 125125 - Information Disclosure Vulnerability (CVE-2020-12116)
999589   WEB-WORDPRESS Elementor Page Builder Prior to 2.9.6 - Privilege Escalation Vulnerability
999590 CVE-2020-11738 WEB-WORDPRESS - Snap Creek Duplicator Plugin Prior to 1.3.28 - Path Traversal Vulnerability (CVE-2020-11738)
999591 CVE-2020-10389 WEB-MISC Chadha PHPKB Standard Multi-Language 9 - Remote Code Execution vulnerability (CVE-2020-10389)
999592 CVE-2020-11516 WEB-WORDPRESS Contact Form 7 Datepicker Plugin Up To 2.6.0 - Stored XSS Vulnerability (CVE-2020-11516)
999593   WEB-MISC Nagios XI Up To 5.6.13 - Export-RRD Arbitrary Command Execution Vulnerability Via Step
999594   WEB-MISC Nagios XI Up To 5.6.13 - Export-RRD Arbitrary Command Execution Vulnerability Via End
999595   WEB-MISC Nagios XI Up To 5.6.13 - Export-RRD Arbitrary Command Execution Vulnerability Via Start
999596 CVE-2019-19799 Zoho ManageEngine Applications Manager Previous To 14600 - Information Disclosure Vulnerability (CVE-2019-19799)
999597 CVE-2020-10458 WEB-MISC Chadha PHPKB Standard Multi-Language 9 - Arbitrary Folder Deletion Vulnerability (CVE-2020-10458)
999598 CVE-2017-9822 WEB-MISC DNN Before 9.1.1 - Remote Code Execution Vulnerability Via DNNPersonalization Cookie (CVE-2017-9822)
999599 CVE-2020-7953 WEB-MISC OpServices OpMon 9.3.2 - Unauthenticated Information Disclosure Vulnerability Via nmap_options Param (CVE-2020-7953)
999600 CVE-2020-7953 WEB-MISC OpServices OpMon 9.3.2 - Unauthenticated Information Disclosure Vulnerability Via host Param (CVE-2020-7953)
999601   WEB-MISC Bolt CMS 3.7.0 - File Rename to a Dangerous Type Vulnerability Via newname Parameter
999602   WEB-MISC Bolt CMS 3.7.0 - Path Traversal Vulnerability Via newname Parameter
999603   WEB-MISC Bolt CMS 3.7.0 - Path Traversal Vulnerability Via oldname Parameter
999604   WEB-MISC Bolt CMS 3.7.0 - Path Traversal Vulnerability Via parent Parameter
999605   WEB-MISC Bolt CMS 3.7.0 - Improper Field Validation Vulnerability in displayname Parameter
999606 CVE-2020-9004 WEB-MISC - Wowza Streaming Engine 4.7.8 - Incorrect Authorization Vulnerability in View Logs (CVE-2020-9004)
999607 CVE-2020-9004 WEB-MISC - Wowza Streaming Engine 4.7.8 - Incorrect Authorization Vulnerability in Media Cache Settings (CVE-2020-9004)
999608 CVE-2020-9004 WEB-MISC - Wowza Streaming Engine 4.7.8 - Incorrect Authorization Vulnerability in Applications Settings (CVE-2020-9004)
999609 CVE-2020-9004 WEB-MISC - Wowza Streaming Engine 4.7.8 - Incorrect Authorization Vulnerability in Server Settings (CVE-2020-9004)
999610   WEB-MISC PrestaShop 1.7.6.5 - CSRF Vulnerability via Filemanager
999611 CVE-2020-10238 WEB-MISC Joomla! Previous To 3.9.16 - Security Bypass Vulnerability via com_templates (CVE-2020-10238)
999612 CVE-2020-11510 WEB-WORDPRESS LearnPress LMS Plugin Prior to 3.2.6.9 - Privilege Escalation Via learnpress_create_page (CVE-2020-11510)
999613 CVE-2020-11510 WEB-WORDPRESS LearnPress LMS Plugin Prior to 3.2.6.9 - Privilege Escalation Via learnpress_update_order_status (CVE-2020-11510)
999614 CVE-2020-8636 WEB-MISC OpServices OpMon 9.3.2 - Unauthenticated Remote Code Execution Vulnerability Via nmap_options Parameter (CVE-2020-8636)
999615 CVE-2020-8636 WEB-MISC OpServices OpMon 9.3.2 - Unauthenticated Remote Code Execution Vulnerability Via host Parameter (CVE-2020-8636)
999616 CVE-2020-11511 WEB-WORDPRESS LearnPress LMS Plugin Prior to 3.2.6.9 - Privilege Escalation Via accept-to-be-teacher (CVE-2020-11511)
999617 CVE-2020-11451 WEB-MISC Microstrategy Web - Unsecure File Type Upload Vulnerability Via JSP (CVE-2020-11451)
999618 CVE-2020-11451 WEB-MISC Microstrategy Web - Unsecure File Type Upload Vulnerability Via ASP (CVE-2020-11451)
999619 CVE-2020-11515 WEB-WORDPRESS WP SEO Plugin Rank Math Prior to 1.0.41 - Redirection Vulnerability Via REST API Through URL (CVE-2020-11515)
999620 CVE-2020-11515 WEB-WORDPRESS WP SEO Plugin Rank Math Prior to 1.0.41 - Redirection Vulnerability Via REST API rest_route Param (CVE-2020-11515)
999621 CVE-2020-10457 WEB-MISC Chadha PHPKB Standard Multi-Language 9 - Arbitrary File Renaming Vulnerability Via imgName (CVE-2020-10457)
999622 CVE-2020-10457 WEB-MISC Chadha PHPKB Standard Multi-Language 9 - Arbitrary File Renaming Vulnerability Via imgUrl (CVE-2020-10457)
999623 CVE-2019-1821 WEB-MISC Cisco Prime Infrastructure - Remote Code Execution Vulnerability (CVE-2019-1821)
999624   WEB-WORDPRESS Page Builder Plugin Prior to 2.10.16 - CSRF Vulnerability Via Ajax action_builder_content
999625   WEB-WORDPRESS Page Builder Plugin Prior to 2.10.16 - CSRF Vulnerability Via Live Editor
999626 CVE-2020-11514 WEB-WORDPRESS WP SEO Plugin Rank Math Prior to 1.0.41 - Privilege Escalation Via REST API Through URL (CVE-2020-11514)
999627 CVE-2020-11514 WEB-WORDPRESS WP SEO Plugin Rank Math Prior to 1.0.41 - Privilege Escalation Via REST API rest_route Param (CVE-2020-11514)
999628 CVE-2019-6713 WEB-MISC ThinkCMF Prior to 5.0.190312 - Code Injection Vulnerability Via /route/editpost.html (CVE-2019-6713)
999629 CVE-2019-6713 WEB-MISC ThinkCMF Prior to 5.0.190312 - Code Injection Vulnerability Via /route/addpost.html (CVE-2019-6713)
999630   WEB-WORDPRESS Google Site Kit Plugin Prior to 1.8.0 - Unprotected Verification Vulnerability
999631 CVE-2020-9315 WEB-MISC Oracle iPlanet Web Server 7.0.x - Incorrect Access Control Vulnerability (CVE-2020-9315)
999632 CVE-2020-1947 WEB-MISC Apache ShardingSphere 4.0.0-RC3 and 4.0.0 - SnakeYAML Remote Code Execution Vulnerability (CVE-2020-1947)
999633 CVE-2020-7961 Liferay Portal Prior To 7.2.1 CE GA2 - JSONWS Deserialization RCE Vulnerability Via JSON-RPC (CVE-2020-7961)
999634 CVE-2020-7961 Liferay Portal Prior To 7.2.1 CE GA2 - JSONWS Deserialization RCE Vulnerability Via URL Path (CVE-2020-7961)
999635 CVE-2020-7961 Liferay Portal Prior To 7.2.1 CE GA2 - JSONWS Deserialization RCE Vulnerability Via Form And URI Query (CVE-2020-7961)
999636 CVE-2020-8518 WEB-MISC Horde Groupware Webmail Edition 5.2.22 - Remote Code Execution Vulnerability (CVE-2020-8518)
999637 CVE-2020-7351 WEB-MISC Fonality Trixbox CE 2.8.0.4 and Prior - Remote Code Execution Vulnerability (CVE-2020-7351)
999638 CVE-2020-12720 WEB-MISC vBulletin Prior to 5.6.1 Patch Level 1 - Unauthenticated SQL Injection Vulnerability (CVE-2020-12720)
999639 CVE-2019-19800 Zoho ManageEngine Applications Manager Previous To 14520 - Path Traversal Vulnerability (CVE-2019-19800)
999640 CVE-2020-10386 WEB-MISC Chadha PHPKB Standard Multi-Language 9 - Remote Code Execution (CVE-2020-10386)
999641 CVE-2020-8497 WEB-MISC Artica Pandora FMS 7.0 - Unauthenticated Information Disclosure Vulnerability (CVE-2020-8497)
999642 CVE-2020-6009 WEB-WORDPRESS LearnDash LMS Plugin Prior to 3.1.6 - Unauthenticated SQL Injection Vulnerability (CVE-2020-6009)

2020 年 6 月的签名更新