Rule Update
22-008 (15 Februar 2022)
Publish Date: 15 Februar 2022
Beschreibung
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Microsoft Office
1011303 - Microsoft Excel Information Disclosure Vulnerability (CVE-2022-22716)
Unix Samba
1011294* - Samba AppleDouble Remote Code Execution Vulnerability (CVE-2021-44142)
Web Application Common
1011295* - Pandora FMS SQL Injection Vulnerability (CVE-2021-32099)
Web Application PHP Based
1011296* - WordPress 'Contact Form Entries' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-25079)
1011299 - WordPress 'Download Monitor' Plugin SQL Injection Vulnerability (CVE-2021-24786)
1011287* - WordPress 'Frontend Uploader' Plugin Cross Site Scripting Vulnerability (CVE-2021-24563)
Web Application Ruby Based
1011231* - Grafana Cross Site Scripting Vulnerability (CVE-2021-41174)
1011289 - Grafana Directory Traversal Vulnerability (CVE-2021-43813)
1011243* - Grafana Path Traversal Vulnerability (CVE-2021-43798)
Web Server Common
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
1010175* - Cross-Site Scripting (XSS) Decoder
Web Server Miscellaneous
1011253* - Jenkins 'Active Choices' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21699)
Web Server Oracle
1011084* - Oracle Business Intelligence 'UpdateConnectionServlet' Remote Code Execution Vulnerability (CVE-2021-2396)
1002645* - Oracle mod_wl HTTP Request Method Remote Buffer Overflow
Zoho ManageEngine
1011260* - Zoho ManageEngine Multiple Products Arbitrary File Upload Vulnerability (CVE-2021-44077)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Microsoft Office
1011303 - Microsoft Excel Information Disclosure Vulnerability (CVE-2022-22716)
Unix Samba
1011294* - Samba AppleDouble Remote Code Execution Vulnerability (CVE-2021-44142)
Web Application Common
1011295* - Pandora FMS SQL Injection Vulnerability (CVE-2021-32099)
Web Application PHP Based
1011296* - WordPress 'Contact Form Entries' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-25079)
1011299 - WordPress 'Download Monitor' Plugin SQL Injection Vulnerability (CVE-2021-24786)
1011287* - WordPress 'Frontend Uploader' Plugin Cross Site Scripting Vulnerability (CVE-2021-24563)
Web Application Ruby Based
1011231* - Grafana Cross Site Scripting Vulnerability (CVE-2021-41174)
1011289 - Grafana Directory Traversal Vulnerability (CVE-2021-43813)
1011243* - Grafana Path Traversal Vulnerability (CVE-2021-43798)
Web Server Common
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
1010175* - Cross-Site Scripting (XSS) Decoder
Web Server Miscellaneous
1011253* - Jenkins 'Active Choices' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21699)
Web Server Oracle
1011084* - Oracle Business Intelligence 'UpdateConnectionServlet' Remote Code Execution Vulnerability (CVE-2021-2396)
1002645* - Oracle mod_wl HTTP Request Method Remote Buffer Overflow
Zoho ManageEngine
1011260* - Zoho ManageEngine Multiple Products Arbitrary File Upload Vulnerability (CVE-2021-44077)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.