Rule Update
21-024 (May 25, 2021)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1010954* - Apache OFBiz Insecure Deserialization Vulnerability (CVE-2021-29200)
1010951* - Apache OFBiz Insecure Deserialization Vulnerability (CVE-2021-30128)
Microsoft Office
1010959 - Microsoft Office Remote Code Execution Vulnerability (CVE-2021-31175)
1010958 - Microsoft Office Remote Code Execution Vulnerability (CVE-2021-31177)
Oracle E-Business Suite Web Interface
1010945* - Oracle E-Business Suite Reflected Cross-Site Scripting Vulnerability (CVE-2021-2182)
SAP NetWeaver Java Application Server
1010952* - SAP NetWeaver AS JAVA Directory Traversal Vulnerability (CVE-2016-3976)
Web Application Common
1010934* - Dolibarr ERP CRM Remote Code Execution Vulnerability (CVE-2020-14209)
Web Application PHP Based
1010953* - Joomla! Arbitrary File Upload Vulnerability (CVE-2021-23132)
Web Client Common
1010968 - Adobe Acrobat And Reader DC Heap Buffer Overflow Vulnerability (CVE-2021-28560)
1010967 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2012-4157)
1010955 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2021-28550)
1010961 - Microsoft Windows Web Media Extensions Remote Code Execution Vulnerability (CVE-2021-28465)
1010969 - XStream Library Remote Command Execution Vulnerability (CVE-2021-29505)
Web Server HTTPS
1010948* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-28482)
Web Server Miscellaneous
1010966 - Jenkins 'Credentials' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-21648)
Web Server Nagios
1010943* - Nagios XI Authenticated OS Command Argument Injection Vulnerability (CVE-2020-5792)
Web Server Oracle
1010927* - Oracle Business Intelligence 'APSWebModule' Remote Code Execution Vulnerability (CVE-2021-2244)
1010928* - Oracle Business Intelligence T3 Protocol Deserialization of Untrusted Data Vulnerability (CVE-2021-2302)
1010739* - Oracle WebLogic Console JNDI Injection Vulnerability (CVE-2021-2109)
Web Server SharePoint
1010957 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-28474)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1010954* - Apache OFBiz Insecure Deserialization Vulnerability (CVE-2021-29200)
1010951* - Apache OFBiz Insecure Deserialization Vulnerability (CVE-2021-30128)
Microsoft Office
1010959 - Microsoft Office Remote Code Execution Vulnerability (CVE-2021-31175)
1010958 - Microsoft Office Remote Code Execution Vulnerability (CVE-2021-31177)
Oracle E-Business Suite Web Interface
1010945* - Oracle E-Business Suite Reflected Cross-Site Scripting Vulnerability (CVE-2021-2182)
SAP NetWeaver Java Application Server
1010952* - SAP NetWeaver AS JAVA Directory Traversal Vulnerability (CVE-2016-3976)
Web Application Common
1010934* - Dolibarr ERP CRM Remote Code Execution Vulnerability (CVE-2020-14209)
Web Application PHP Based
1010953* - Joomla! Arbitrary File Upload Vulnerability (CVE-2021-23132)
Web Client Common
1010968 - Adobe Acrobat And Reader DC Heap Buffer Overflow Vulnerability (CVE-2021-28560)
1010967 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2012-4157)
1010955 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2021-28550)
1010961 - Microsoft Windows Web Media Extensions Remote Code Execution Vulnerability (CVE-2021-28465)
1010969 - XStream Library Remote Command Execution Vulnerability (CVE-2021-29505)
Web Server HTTPS
1010948* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-28482)
Web Server Miscellaneous
1010966 - Jenkins 'Credentials' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-21648)
Web Server Nagios
1010943* - Nagios XI Authenticated OS Command Argument Injection Vulnerability (CVE-2020-5792)
Web Server Oracle
1010927* - Oracle Business Intelligence 'APSWebModule' Remote Code Execution Vulnerability (CVE-2021-2244)
1010928* - Oracle Business Intelligence T3 Protocol Deserialization of Untrusted Data Vulnerability (CVE-2021-2302)
1010739* - Oracle WebLogic Console JNDI Injection Vulnerability (CVE-2021-2109)
Web Server SharePoint
1010957 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-28474)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.