签名更新版本 120

将针对2023-12-19周中发现的漏洞生成新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 120 适用于 NetScaler 11.1、NetScaler 12.0、Citrix ADC 12.1、Citrix ADC 13.0、NetScaler 13.1、NetScaler 13.1、NetScaler 14.1 平台。

注意

启用帖子正文和响应正文签名规则可能会影响 NetScaler CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
998559 CVE-2023-50164 WEB-STRUTS Apache Struts Prior to 6.3.0.2 - Path Traversal Vulnerability (CVE-2023-50164)
998560 CVE-2023-49105 WEB-MISC ownCloud Prior to 10.13.1 - Access Control Bypass Vulnerability (CVE-2023-4105)
998561 CVE-2023-49103 WEB-MISC ownCloud Multiple Versions - Information Disclosure Vulnerability (CVE-2023-49103)
998562 CVE-2023-47246 WEB-MISC SysAid Server On-Premise Prior to 23.3.36 - Path Traversal Vulnerability (CVE-2023-47246)
998563 CVE-2023-46509 WEB-MISC Contec SolarView Compact 6.0 and Prior - OS Command Injection Vulnerability (CVE-2023-46509)
998564 CVE-2023-44450 WEB-MISC NETGEAR ProSAFE Network Management System Prior to 1.7.0.31 - SQL Injection Vulnerability (CVE-2023-44450)
998565 CVE-2023-44449 WEB-MISC NETGEAR ProSAFE Network Management System Prior to 1.7.0.31 - SQL Injection Vulnerability (CVE-2023-44449)
998566 CVE-2023-44351、CVE-2023-44353 WEB-MISC Adobe ColdFusion - Deserialization of Untrusted Data Vulnerability (CVE-2023-44351, CVE-2023-44353)
998567 CVE-2023-43177 WEB-MISC CrushFTP Prior to 10.5.1 - Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2023-43177)
998568 CVE-2023-40062 WEB-MISC SolarWinds Orion Prior to 2023.4.0 - Improper Input Validation Vulnerability Via TestAction (CVE-2023-40062)
998569 CVE-2023-40062 WEB-MISC SolarWinds Orion Prior to 2023.4.0 - Improper Input Validation Vulnerability Via /api/WriteToFile/ (CVE-2023-40062)
998570 CVE-2023-40055 WEB-MISC SolarWinds NCM Prior to 2023.4.1 - Directory Traversal Vulnerability Via SaveResultsToFile (CVE-2023-40055)
998571 CVE-2023-40054 WEB-MISC SolarWinds NCM Prior to 2023.4.1 - Directory Traversal Vulnerability Via txtConfigTemplate (CVE-2023-40054)
998572 CVE-2023-40054 WEB-MISC SolarWinds NCM Prior to 2023.4.1 - Directory Traversal Vulnerability Via txtPath (CVE-2023-40054)
998573 CVE-2023-39912 Zoho ADManager Plus Prior to 7203 - Directory traversal Vulnerability (CVE-2023-39912)
998574 CVE-2023-35150 WEB-MISC XWiki Multiple Versions - Arbitrary Code Injection Vulnerability (CVE-2023-35150)
998575 CVE-2023-32707 WEB-MISC Splunk Enterprise - Escalation of Privileges Vulnerability (CVE-2023-32707)
998576 CVE-2023-30943 WEB-MISC Moodle Prior to 4.1.3 - TinyMCE Loaders Stored Cross-Site Scripting Vulnerability Via loader (CVE-2023-30943)
998577 CVE-2023-30943 WEB-MISC Moodle Prior to 4.1.3 - TinyMCE Loaders Stored Cross-Site Scripting Vulnerability Via lang (CVE-2023-30943)
998578 CVE-2023-2943 WEB-MISC OpenEMR Prior to 7.0.1 - HTML Code Injection Vulnerability (CVE-2023-2943)
签名更新版本 120