Rule Update
24-034 (16 Juli 2024)
Publish Date: 16 Juli 2024
Beschreibung
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services - Client
1012075* - Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability Over SMB (CVE-2024-38112)
Ivanti Avalanche
1011863* - Ivanti Avalanche Authentication Bypass Vulnerability (CVE-2021-22962 & CVE-2023-32566)
SAP NetWeaver Java Application Server
1012085 - SAP NetWeaver AS JAVA SQL Injection Vulnerability (CVE-2016-2386)
Web Application Common
1012078* - Progress MOVEit Transfer Authentication Bypass Vulnerability (CVE-2024-5806)
1012079* - SolarWinds Serv-U Directory Traversal Vulnerability (CVE-2024-28995)
Web Application PHP Based
1011947* - WordPress 'Backup Migration' Plugin Remote Code Execution Vulnerability (CVE-2023-6553)
Web Client Common
1012074* - Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability (CVE-2024-38112)
Web Server HTTPS
1011878* - Cacti SQL Injection Vulnerability (CVE-2023-39361)
1011981* - Centreon SQL Injection Vulnerability (CVE-2024-23118)
1012081 - Centreon SQL Injection Vulnerability (CVE-2024-32501 and CVE-2024-5723)
1012089 - GitLab Regular Expression Denial of Service Vulnerability (CVE-2024-2829)
1012083 - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2023-6371)
1012068* - Ivanti Endpoint Manager Multiple SQL Injection Vulnerabilities (CVE-2024-29828 & CVE-2024-29829)
1012066* - PHP-CGI Argument Injection Vulnerability (CVE-2024-4577)
Web Server Miscellaneous
1012026* - CrushFTP Remote Code Execution Vulnerability (CVE-2023-43177)
1012031* - GitLab Denial Of Service Vulnerability (CVE-2024-2818)
Web Server Nagios
1012027* - Nagios XI SQL Injection Vulnerability (CVE-2024-24401)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DCERPC Services - Client
1012075* - Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability Over SMB (CVE-2024-38112)
Ivanti Avalanche
1011863* - Ivanti Avalanche Authentication Bypass Vulnerability (CVE-2021-22962 & CVE-2023-32566)
SAP NetWeaver Java Application Server
1012085 - SAP NetWeaver AS JAVA SQL Injection Vulnerability (CVE-2016-2386)
Web Application Common
1012078* - Progress MOVEit Transfer Authentication Bypass Vulnerability (CVE-2024-5806)
1012079* - SolarWinds Serv-U Directory Traversal Vulnerability (CVE-2024-28995)
Web Application PHP Based
1011947* - WordPress 'Backup Migration' Plugin Remote Code Execution Vulnerability (CVE-2023-6553)
Web Client Common
1012074* - Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability (CVE-2024-38112)
Web Server HTTPS
1011878* - Cacti SQL Injection Vulnerability (CVE-2023-39361)
1011981* - Centreon SQL Injection Vulnerability (CVE-2024-23118)
1012081 - Centreon SQL Injection Vulnerability (CVE-2024-32501 and CVE-2024-5723)
1012089 - GitLab Regular Expression Denial of Service Vulnerability (CVE-2024-2829)
1012083 - GitLab Stored Cross-Site Scripting Vulnerability (CVE-2023-6371)
1012068* - Ivanti Endpoint Manager Multiple SQL Injection Vulnerabilities (CVE-2024-29828 & CVE-2024-29829)
1012066* - PHP-CGI Argument Injection Vulnerability (CVE-2024-4577)
Web Server Miscellaneous
1012026* - CrushFTP Remote Code Execution Vulnerability (CVE-2023-43177)
1012031* - GitLab Denial Of Service Vulnerability (CVE-2024-2818)
Web Server Nagios
1012027* - Nagios XI SQL Injection Vulnerability (CVE-2024-24401)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.