Rule Update
24-014 (12 março 2024)
Data de publicação: 12 março 2024
Descrição
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1011940* - Apache OFBiz Authentication Bypass Vulnerability (CVE-2023-51467)
1011990 - Apache OFBiz Information Disclosure Vulnerability (CVE-2024-23946)
SolarWinds Information Service
1011921* - SolarWinds Network Configuration Manager Remote Code Execution Vulnerability (CVE-2023-33227)
Web Application Common
1000608* - Generic SQL Injection Prevention
Web Application PHP Based
1011993 - LibreNMS SQL Injection Vulnerability (CVE-2023-5591)
1011992 - WordPress 'Paid Memberships Pro' Plugin Arbitrary File Upload Vulnerability (CVE-2023-6187)
Web Application Tomcat
1003094* - Identified runtime.getRuntime().exec() In HTTP Request
Web Proxy Squid
1011997 - Squid Proxy Denial Of Service Vulnerability (CVE-2023-49285) - Client
Web Server HTTPS
1011902* - SolarWinds Access Rights Manager Insecure Deserialization Vulnerability (CVE-2023-35184)
Web Server Miscellaneous
1011994 - Graylog Open Insecure Deserialization Vulnerability (CVE-2024-24824)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
HP Intelligent Management Center (IMC)
1011940* - Apache OFBiz Authentication Bypass Vulnerability (CVE-2023-51467)
1011990 - Apache OFBiz Information Disclosure Vulnerability (CVE-2024-23946)
SolarWinds Information Service
1011921* - SolarWinds Network Configuration Manager Remote Code Execution Vulnerability (CVE-2023-33227)
Web Application Common
1000608* - Generic SQL Injection Prevention
Web Application PHP Based
1011993 - LibreNMS SQL Injection Vulnerability (CVE-2023-5591)
1011992 - WordPress 'Paid Memberships Pro' Plugin Arbitrary File Upload Vulnerability (CVE-2023-6187)
Web Application Tomcat
1003094* - Identified runtime.getRuntime().exec() In HTTP Request
Web Proxy Squid
1011997 - Squid Proxy Denial Of Service Vulnerability (CVE-2023-49285) - Client
Web Server HTTPS
1011902* - SolarWinds Access Rights Manager Insecure Deserialization Vulnerability (CVE-2023-35184)
Web Server Miscellaneous
1011994 - Graylog Open Insecure Deserialization Vulnerability (CVE-2024-24824)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.