Rule Update
22-037 (August 2, 2022)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Apache Spark
1011499* - Apache Spark Command Injection Vulnerability (CVE-2022-33891)
MySQL Cluster NDBD
1011502 - Oracle MySQL Cluster Data Node Buffer Overflow Vulnerability (CVE-2022-21489)
Suspicious Client Application Activity
1001162* - Detected HTTP Client Traffic (ATT&CK T1071.001)
Web Application Tomcat
1002691* - Apache Tomcat Directory Traversal Vulnerability
1000967* - Apache Tomcat Servlet Engine Directory Traversal
Web Server Common
1011494* - BMC Track-It! 'GetPopupSubQueryDetails' SQL Injection Vulnerability (CVE-2022-35864)
1011493* - BMC Track-It! Improper Access Control Vulnerability (CVE-2022-35865)
Web Server Miscellaneous
1011495* - Atlassian 'Mobile Plugin for Jira Data Center and Server' Plugin Server-Side Request Forgery Vulnerability (CVE-2022-26135)
1011501 - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2022-2230)
1011496* - Jenkins 'GitLab' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-34777)
1005516* - RedHat JBoss Enterprise Application Platform Block Access To Status Servlet
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Apache Spark
1011499* - Apache Spark Command Injection Vulnerability (CVE-2022-33891)
MySQL Cluster NDBD
1011502 - Oracle MySQL Cluster Data Node Buffer Overflow Vulnerability (CVE-2022-21489)
Suspicious Client Application Activity
1001162* - Detected HTTP Client Traffic (ATT&CK T1071.001)
Web Application Tomcat
1002691* - Apache Tomcat Directory Traversal Vulnerability
1000967* - Apache Tomcat Servlet Engine Directory Traversal
Web Server Common
1011494* - BMC Track-It! 'GetPopupSubQueryDetails' SQL Injection Vulnerability (CVE-2022-35864)
1011493* - BMC Track-It! Improper Access Control Vulnerability (CVE-2022-35865)
Web Server Miscellaneous
1011495* - Atlassian 'Mobile Plugin for Jira Data Center and Server' Plugin Server-Side Request Forgery Vulnerability (CVE-2022-26135)
1011501 - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2022-2230)
1011496* - Jenkins 'GitLab' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2022-34777)
1005516* - RedHat JBoss Enterprise Application Platform Block Access To Status Servlet
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.