ADC

签名更新版本 93

针对在 2022-10-02 周发现的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 93 适用于 NetScaler 11.1、NetScaler 12.0、Citrix ADC 12.1、Citrix ADC 13.0、Citrix ADC 13.1 平台。

注意

启用帖子正文和响应正文签名规则可能会影响 Citrix ADC CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
998871 CVE-2022-41082,CVE-2022-41040 WEB-MISC Microsoft Exchange Server - RCE Vulnerability (CVE-2022-41082, CVE-2022-41040)
998872 CVE-2022-37299 WEB-MISC Shirne CMS 1.2.0 - Path Traversal Vulnerability Via /static/ueditor/php/controller.php (CVE-2022-37299)
998873 CVE-2022-36923 WEB-MISC Zoho ManageEngine Multiple Products Multiple Versions - Authentication Bypass Vulnerability (CVE-2022-36923)
998874 CVE-2022-33891 WEB-MISC Apache Spark UI Multiple Versions - Remote Code Execution Vulnerability Via doAs Parameter (CVE-2022-33891)
998875 CVE-2022-3184,CVE-2022-3183 WEB-MISC DataProbe iBoot-PDU Prior to 1.42.06162022 - Remote Code Execution Vulnerability (CVE-2022-3184, CVE-2022-3183)
998876 CVE-2022-31814 WEB-MISC pfSense pfBlockerNG Prior to 2.1.4_26 - Remote Code Execution Vulnerability (CVE-2022-31814)
998877 CVE-2022-31097 WEB-MISC Apache Grafana - Unified Alerting Stored XSS Vulnerability (CVE-2022-31097)
998878 CVE-2022-2903 WEB-WORDPRESS NinjaForms Plugin Prior to 3.6.13 - PHP Object Injection Vulnerability (CVE-2022-2903)
998879 CVE-2022-2552 WEB-WORDPRESS Duplicator Plugin Prior to 1.4.7.1 - Unauthenticated Information Disclosure Vulnerability (CVE-2022-2552)
998880 CVE-2022-23854 WEB-MISC AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal Vulnerability Via SG URI (CVE-2022-23854)
998881 CVE-2022-23854 WEB-MISC AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal Vulnerability Via Blaze URI (CVE-2022-23854)
998882 CVE-2022-23854 WEB-MISC AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal Vulnerability Via AccessAnywhere URI (CVE-2022-23854)
998883 CVE-2017-9841 WEB-MISC PHPUnit Before 4.8.28 and 5.x Before 5.6.3 - Remote Code Execution Vulnerability Via eval-stdin.php (CVE-2017-9841)

合并和更新的签名规则

一些多余的签名规则被删除,这些规则的 CVE ID 合并到更新的规则中。确保为每个已删除的规则启用相应的签名规则。

下表列出了合并和更新的签名规则 ID:

已删除的签名规则 更新的签名规则 CVE ID
1242 1243 CVE-2000-0071
1245 1244 CVE-2000-0071
1589 1221 CVE-2001-0224、NESSUS-10609
1648 832 CVE-1999-0509、NESSUS-10173、www.cert.org/advisories/CA-1996-11.html
1700 821 CVE-1999-0951、NESSUS-10122
2598 2597 CVE-2004-0600
999779 999721 CVE-2019-14994
999861 999859 CVE-2019-12099
999862 999857 https://www.wordfence.com/blog/2019/05s-command-injection-vulnerability-patched-in-wp-database-backup-plugin/
999863 999858 https://www.wordfence.com/blog/2019/05/privilege-escalation-flaw-present-in-slick-popup-plugin/
签名更新版本 93