Rule Update
24-035 (23 julho 2024)
Data de publicação: 23 julho 2024
Descrição
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Apache Pulsar
1012032* - Apache Pulsar Directory Traversal Vulnerability (CVE-2024-27317)
JetBrains TeamCity
1012020* - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2024-31138)
Oracle VirtualBox
1012034* - Oracle VirtualBox Information Disclosure Vulnerability (CVE-2024-21109)
Port Mapper FTP Client
1012102 - Disallow Download Of Restricted File Extension over FTP (ATT&CK T1105)
SolarWinds Access Rights Manager
1012024* - SolarWinds Access Rights Manager Directory Traversal Remote Code Execution Vulnerability (CVE-2024-23477)
Suspicious Client Application Activity
1011119* - Disallow Download Of Restricted File Formats (ATT&CK T1105, T1570)
Web Server HTTPS
1012100 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-29823)
1012094 - Progress WhatsUp Gold Server-Side Request Forgery Vulnerability (CVE-2024-5015)
1012092 - Progress WhatsUp Gold Path Traversal Vulnerability (CVE-2024-5018)
1011884* - Qlik Sense Enterprise Directory Traversal Vulnerability (CVE-2023-41266)
Web Server Oracle
1012098 - Oracle WebLogic Server Information Disclosure Vulnerability (CVE-2024-21006)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Apache Pulsar
1012032* - Apache Pulsar Directory Traversal Vulnerability (CVE-2024-27317)
JetBrains TeamCity
1012020* - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2024-31138)
Oracle VirtualBox
1012034* - Oracle VirtualBox Information Disclosure Vulnerability (CVE-2024-21109)
Port Mapper FTP Client
1012102 - Disallow Download Of Restricted File Extension over FTP (ATT&CK T1105)
SolarWinds Access Rights Manager
1012024* - SolarWinds Access Rights Manager Directory Traversal Remote Code Execution Vulnerability (CVE-2024-23477)
Suspicious Client Application Activity
1011119* - Disallow Download Of Restricted File Formats (ATT&CK T1105, T1570)
Web Server HTTPS
1012100 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-29823)
1012094 - Progress WhatsUp Gold Server-Side Request Forgery Vulnerability (CVE-2024-5015)
1012092 - Progress WhatsUp Gold Path Traversal Vulnerability (CVE-2024-5018)
1011884* - Qlik Sense Enterprise Directory Traversal Vulnerability (CVE-2023-41266)
Web Server Oracle
1012098 - Oracle WebLogic Server Information Disclosure Vulnerability (CVE-2024-21006)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.