Citrix ADC

2022 年 7 月的签名更新

针对在 2022-07-08 周发现的漏洞生成新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 89 适用于 NetScaler VPX 11.1、NetScaler 12.0、Citrix ADC 12.1、Citrix ADC 13.0、Citrix ADC 13.1 平台。

注意

启用帖子正文和响应正文签名规则可能会影响 Citrix ADC CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
998942 CVE-2022-32532 WEB-MISC Apache Shiro Prior to 1.9.1 - RegexRequestMatcher Bypass Vulnerability Via Line Feed (CVE-2022-32532)
998943 CVE-2022-32532 WEB-MISC Apache Shiro Prior to 1.9.1 - RegexRequestMatcher Bypass Vulnerability Via Carriage Return (CVE-2022-32532)
998944 CVE-2022-30157 WEB-MISC Microsoft SharePoint - RCE Via Deserialization of Untrusted Data Vulnerability (CVE-2022-30157)
998945 CVE-2022-29847 WEB-MISC In Progress Ipswitch WhatsUp Gold - Unauthenticated Server-Side Request Forgery Vulnerability (CVE-2022-29847)
998946 CVE-2022-29535 WEB-MISC Zoho ManageEngine OpManager Multiple Versions - SQL Injection Vulnerability Via bview (CVE-2022-29535)
998947 CVE-2022-29535 WEB-MISC Zoho ManageEngine OpManager Multiple Versions - SQL Injection Vulnerability Via category (CVE-2022-29535)
998948 CVE-2022-28219 WEB-MISC Zoho ManageEngine ADAudit Plus Prior to 7060 - Remote Code Execution Vulnerability (CVE-2022-28219)
998949 CVE-2022-28219 WEB-MISC Zoho ManageEngine ADAudit Plus Prior to 7060 - XXE Injection Vulnerability Via Task New Content (CVE-2022-28219)
998950 CVE-2022-28219 WEB-MISC Zoho ManageEngine ADAudit Plus Prior to 7060 - XXE Injection Vulnerability Via Task Content (CVE-2022-28219)
998951 CVE-2022-23642 WEB-MISC Sourcegraph Prior to 3.37 - gitserver Service Remote Code Execution Vulnerability (CVE-2022-23642)
998952 CVE-2022-23206 WEB-MISC Apache Traffic Control Traffic Ops Prior to 5.1.6 and 6.1.0 - SSRF Vulnerability (CVE-2022-23206)
998953 CVE-2022-1609 WEB-WORDPRESS Weblizar School Management Pro Plugin Prior to 9.9.7 - Remote Code Execution Vulnerability (CVE-2022-1609)
998954 CVE-2022-1209 WEB-WORDPRESS WordPress Plugin Ultimate Member Prior to 2.3.2 - Open Redirect Vulnerability (CVE-2022-1209)
998955 CVE-2021-46360 WEB-MISC Composr-CMS - Remote Code Execution Vulnerability (CVE-2021-46360)
998956 CVE-2021-43350 WEB-MISC Apache Traffic Control Traffic Ops Prior to 5.1.4 and 6.0.1 - LDAP Injection Vulnerability (CVE-2021-43350)
998957 CVE-2017-9248 WEB-MISC Telerik UI for ASP.NET AJAX before R2 2017 SP1 - Encryption Key Disclosure Vulnerability (CVE-2017-9248)
2022 年 7 月的签名更新