2021 年 8 月的签名更新

为 2021-08-29 周确定的漏洞生成了新的签名规则。您可以下载并配置这些签名规则,以保护您的设备免受安全漏洞攻击。

签名版本

签名版本 67 适用于 NetScaler VPX 11.1、NetScaler 12.0、Citrix ADC 12.1、Citrix ADC 13.0 平台。

注意:

启用发布主体和响应主体签名规则可能会影响 Citrix ADC CPU。

常见漏洞条目 (CVE) 见解

以下是签名规则、CVE ID 及其描述的列表。

签名规则 CVE ID 说明
999183 CVE-2021-37557 WEB-MISC Centreon Multiple Versions - SQL Injection Vulnerability (CVE-2021-37557)
999184 CVE-2021-35501 WEB-MISC Artica Pandora FMS Up to 7.54 - Visual Console Stored XSS Vulnerability (CVE-2021-35501)
999185 CVE-2021-35464 WEB-MISC ForgeRock Access Management and OpenAM - Remote Code Execution Vulnerability (CVE-2021-35464)
999186 CVE-2021-34523 WEB-MISC Microsoft Exchange Server - Elevation of Privilege Vulnerability (CVE-2021-34523)
999187 CVE-2021-34473 WEB-MISC Microsoft Exchange Server - Server Side Request Forgery Authentication Bypass Vulnerability Via Query (CVE-2021-34473)
999188 CVE-2021-34473 WEB-MISC Microsoft Exchange Server - Server Side Request Forgery Authentication Bypass Vulnerability Via Cookie (CVE-2021-34473)
999189 CVE-2021-33203 WEB-MISC Django - TemplateDetailView File Existence Disclosure Vulnerability via Absolute Path (CVE-2021-33203)
999190 CVE-2021-33203 WEB-MISC Django - TemplateDetailView File Existence Disclosure Vulnerability via Path Traversal (CVE-2021-33203)
999191 CVE-2021-33203 WEB-MISC Django - TemplateDetailView File Existence Disclosure Vulnerability via backslash (CVE-2021-33203)
999192 CVE-2021-33203 WEB-MISC Django - TemplateDetailView File Existence Disclosure Vulnerability Via Slash (CVE-2021-33203)
999193 CVE-2021-3287, CVE-2020-28653 WEB-MISC Zoho ManageEngine OpManager Prior to 12.5.329 - Unauthenticated RCE Vulnerability (CVE-2021-3287, CVE-2020-28653)
999194 CVE-2021-32789 WEB-WORDPRESS WooCommerce Plugin Up to 5.5.0 - SQL Injection Vulnerability Via taxonomy and rest_route (CVE-2021-32789)
999195 CVE-2021-32789 WEB-WORDPRESS WooCommerce Plugin Up to 5.5.0 - SQL Injection Vulnerability Via taxonomy (CVE-2021-32789)
999196 CVE-2021-32604 WEB-MISC SolarWinds Serv-U Prior to 15.2.3 - Cross-Site Scripting Vulnerability Via SenderEmail Parameter (CVE-2021-32604)
999197 CVE-2021-32093 WEB-MISC National Security Agency Emissary 5.9.0 - Arbitrary File Read Vulnerability (CVE-2021-32093)
999198 CVE-2021-31760 WEB-MISC Webmin Prior to 1.974 - CSRF Vulnerability Lead to RCE Via run.cgi (CVE-2021-31760)
999199 CVE-2021-31207 WEB-MISC Microsoft Exchange Server - Security Feature Bypass Vulnerability (CVE-2021-31207)
999200 CVE-2021-31195 WEB-MISC Microsoft Exchange Server - Remote Code Execution Vunerability (CVE-2021-31195)
999201 CVE-2021-28474 WEB-MISC Microsoft SharePoint Server - Remote Code Execution Vulnerability (CVE-2021-28474)
999202 CVE-2021-24385 WEB-WORDPRESS FileBird Plugin 4.7.3 - SQL Injection Vulnerability Via selectedFolder Parameter and rest_route (CVE-2021-24385)
999203 CVE-2021-24385 WEB-WORDPRESS FileBird Plugin 4.7.3 - SQL Injection Vulnerability Via selectedFolder Parameter (CVE-2021-24385)
999204 CVE-2021-24385 WEB-WORDPRESS FileBird Plugin 4.7.3 - SQL Injection Vulnerability Via JSON-Encoded Body (CVE-2021-24385)
999205 CVE-2021-24356 WEB-WORDPRESS Simple 301 Redirects Plugin Prior to 2.0.4 - Arbitrary Plugin Activation Vulnerability (CVE-2021-24356)
999206 CVE-2021-23024 WEB-MISC F5 BIG-IQ Multiple Versions - Remote Code Execution Vulnerability (CVE-2021-23024)
999207 CVE-2021-22911 WEB-MISC Rocket.Chat Server 3.11, 3.12 and 3.13 - Blind NOSQL Injection Vulnerability (CVE-2021-22911)
999208 CVE-2021-22900 WEB-MISC Pulse Connect Secure Prior To 9.1R11.4 - Remote Code Execution Vulnerability Via smimeCert.cgi (CVE-2021-22900)
999209 CVE-2021-22900 WEB-MISC Pulse Connect Secure Prior To 9.1R11.4 - Remote Code Execution Vulnerability Via admincert.cgi (CVE-2021-22900)
999210 CVE-2021-22900 WEB-MISC Pulse Connect Secure Prior To 9.1R11.4 - Remote Code Execution Vulnerability Via clientauthcert.cgi (CVE-2021-22900)
999211 CVE-2021-22160 WEB-MISC Apache Pulsar - JSON Web Tokens Authentication Bypass Vulnerability (CVE-2021-22160)
999212 CVE-2021-21809 WEB-MISC Moodle - Remote Code Execution Vulnerability Via Spellchecker Plugin and getSuggestions Method (CVE-2021-21809)
999213 CVE-2021-21809 WEB-MISC Moodle - Remote Code Execution Vulnerability Via Spellchecker Plugin and checkWords Method (CVE-2021-21809)
999214 CVE-2021-21809 WEB-MISC Moodle - Remote Code Execution Vulnerability Via s__aspellpath (CVE-2021-21809)
999215 CVE-2021-21805 WEB-MISC Advantech R-SeeNet - Unauthenticated Remote Code Execution Vulnerability (CVE-2021-21805)
999216 CVE-2021-21804 WEB-MISC Advantech R-SeeNet - Local File Inclusion Vulnerability Via sub_opt (CVE-2021-21804)
999217 CVE-2021-21587 WEB-MISC Dell Wyse Management Suite Prior to 3.3 - Path Traversal Vulnerability Via /image/os/listfiles (CVE-2021-21587)
999218 CVE-2021-21587 WEB-MISC Dell Wyse Management Suite Prior to 3.3 - Path Traversal Vulnerability Via /image/app/rsp/listfiles (CVE-2021-21587)
999219 CVE-2021-21586 WEB-MISC Dell Wyse Management Suite Prior to 3.3 - Path Traversal Vulnerability Via /image/app and fileName (CVE-2021-21586)
999220 CVE-2021-21586 WEB-MISC Dell Wyse Management Suite Prior to 3.3 - Path Traversal Vulnerability Via /image/os and fileName (CVE-2021-21586)
999221 CVE-2021-21586 WEB-MISC Dell Wyse Management Suite Prior to 3.3 - Path Traversal Vulnerability Via /image/os and filePath (CVE-2021-21586)
999222 CVE-2020-25223 WEB-MISC Sophos SG UTM - Remote Code Execution Via SID and /var (CVE-2020-25223)
999223 CVE-2020-25223 WEB-MISC Sophos SG UTM - Remote Code Execution Via SID and /webadmin.plx (CVE-2020-25223)
999224 CVE-2020-21056 WEB-MISC FusionPBX 4.5.7 - Path Traversal Vulnerability Via foldernew (CVE-2020-21056)
999225 CVE-2020-21055 WEB-MISC FusionPBX 4.5.7 - Path Traversal Vulnerability Via File Rename Feature (CVE-2020-21055)
999226 CVE-2020-16245 WEB-MISC Advantech iView Prior to 5.7.03.6112 - Path Traversal Vulnerability in findSummaryUpdateDeviceListExpo (CVE-2020-16245)
999227 CVE-2020-16245 WEB-MISC Advantech iView Prior to 5.7.03.6112 - Path Traversal Vulnerability Via findCfgDeviceListExport (CVE-2020-16245)
999228 CVE-2020-14181 WEB-MISC Atlassian Jira Server - Information Disclosure Vulnerability Via ViewUserHover.jspa (CVE-2020-14181)
999229 CVE-2020-14005 WEB-MISC SolarWinds Orion Prior to 2020.2.1 HF 2 - Remote Code Execution Via ExecuteVBScript Action Type (CVE-2020-14005)
999230 CVE-2020-14005 WEB-MISC SolarWinds Orion Prior to 2020.2.1 HF 2 - Remote Code Execution Via ExecuteExternalProgram Action Type (CVE-2020-14005)
2021 年 8 月的签名更新