2020 年 10 月的签名更新
New signatures rules are generated for the vulnerabilities identified in the week 2020-10-13. 您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。
签名版本
签名与以下软件版本的 Citrix Application Delivery Controller (ADC) (ADC) 11.1、12.0、12.1、13.0 和 13.1 兼容。
Citrix ADC 12.0 版本已达到生命周期终止 (EOL)。有关详细信息,请参阅 版本生命周期 页面。
注意:
启用发布主体和响应主体签名规则可能会影响 Citrix ADC CPU。
常见漏洞条目 (CVE) 见解
以下是签名规则、CVE ID 及其描述的列表。
| 签名规则 | CVE ID | 说明 |
|---|---|---|
| 999505 | WEB-WORDPRESS WordPress plug-in wpDiscuz 7.0.0 Up To 7.0.4 - Unauthenticated Arbitrary File Upload Vulnerability | |
| 999506 | WEB-WORDPRESS Quiz & Survey Master - cross-site scripting Vulnerability in Questions Feature | |
| 999507 | CVE-2020-8604 | WEB-MISC Trend Micro IWS VA Prior to 6.5 SP2 Patch 4 - Path Traversal Vuln Via /log_search and cf Param (CVE-2020-8604) |
| 999508 | CVE-2020-8604 | WEB-MISC Trend Micro IWS VA Prior to 6.5 SP2 Patch 4 - Path Traversal Vuln Via /collection and cf Param (CVE-2020-8604) |
| 999509 | CVE-2020-8604 | WEB-MISC Trend Micro IWS VA Prior to 6.5 SP2 Patch 4 - Path Traversal Vuln Via /log_search and File Param (CVE-2020-8604) |
| 999510 | CVE-2020-8604 | WEB-MISC Trend Micro IWS VA Prior to 6.5 SP2 Patch 4 - Path Traversal Vuln Via /collection and File Param (CVE-2020-8604) |
| 999511 | CVE-2020-7361 | WEB-MISC ZenTao Enterprise 8.8.3 and Prior - Remote Code Execution Vulnerability Via Repo-Edit (CVE-2020-7361) |
| 999512 | CVE-2020-7361 | WEB-MISC ZenTao Pro 8.8.3 and Prior - Remote Code Execution Vulnerability Via Repo-Edit (CVE-2020-7361) |
| 999513 | CVE-2020-7361 | WEB-MISC ZenTao Enterprise 8.8.3 and Prior - Remote Code Execution Vulnerability Via Repo-Create (CVE-2020-7361) |
| 999514 | CVE-2020-7361 | WEB-MISC ZenTao Pro 8.8.3 and Prior - Remote Code Execution Vulnerability Via Repo-Create (CVE-2020-7361) |
| 999515 | CVE-2020-5768 | WEB-WORDPRESS Icegram Email Subscribers & Newsletters plug-in Prior to 4.5.1 - SQL Injection Vulnerability (CVE-2020-5768) |
| 999516 | CVE-2020-5767 | WEB-WORDPRESS Icegram Email Subscribers & Newsletters plug-in Prior to 4.5.1 - CSRF Vulnerability (CVE-2020-5767) |
| 999517 | CVE-2020-15299 | WEB-WORDPRESS KingComposer plug-in Prior To 2.9.5 - cross-site scripting Vulnerability (CVE-2020-15299) |
| 999518 | CVE-2020-13854 | WEB-MISC Artica Pandora FMS - Privilege Escalation Vulnerability (CVE-2020-13854) |
| 999519 | CVE-2020-13852 | WEB-MISC Artica Pandora FMS - Arbitrary File Upload Vulnerability Via File Manager (CVE-2020-13852) |
| 999520 | CVE-2020-13700 | WEB-WORDPRESS WordPress plug-in acf-to-rest-api Before 3.3.0 - Information Disclosure Vulnerability Via URI (CVE-2020-13700) |
| 999521 | CVE-2020-13700 | WEB-WORDPRESS WordPress plug-in acf-to-rest-api Before 3.3.0 - Information Disclosure Vulnerability Via URL (CVE-2020-13700) |
| 999522 | CVE-2020-13379 | WEB-MISC Grafana 3.0.1 Through 7.0.1 - CSRF Bypass Leading To DOS Vulnerability (CVE-2020-13379) |
| 999523 | CVE-2020-12851 | WEB-MISC Pydio Cells Prior to 2.0.7 - Arbitrary File Write Vulnerability (CVE-2020-12851) |
| 999524 | CVE-2020-12848 | WEB-MISC Pydio Cells Prior to 2.0.7 - Login as Temporary Shared User Vulnerability (CVE-2020-12848) |
| 999525 | CVE-2020-11749 | WEB-MISC Artica Pandora FMS Prior To 7.47 - cross-site scripting Vulnerability Via SNMP Browser (CVE-2020-11749) |
| 999526 | CVE-2020-11579 | WEB-MISC PHPKBV9 - File Exfiltration Vulnerability (CVE-2020-11579) |
| 999527 | CVE-2020-10546 | WEB-MISC rConfig Prior to 3.9.5 - Unauthenticated SQLi Vulnerability in Compliance Policies Via searchColumn (CVE-2020-10546) |
| 999528 | CVE-2020-10546 | WEB-MISC rConfig Prior to 3.9.5 - Unauthenticated SQLi Vulnerability in Compliance Policies Via searchField (CVE-2020-10546) |
| 999529 | CVE-2019-16876 | WEB-MISC Portainer Prior To 1.22.1 - Directory Traversal Vulnerability (CVE-2019-16876) |
| 999530 | WEB-WORDPRESS - ADning plug-in Prior to 1.5.6 - Unauthenticated Arbitrary File Deletion Vulnerability | |
| 999531 | WEB-WORDPRESS - ADning plug-in Prior to 1.5.6 - Unauthenticated Arbitrary File Upload Vulnerability |
2020 年 10 月的签名更新
已复制!
失败!