Rule Update

23-040 (September 19, 2023)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Advanced Message Queuing Protocol (AMQP)
1011834* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2022-38111)


Apache RocketMQ
1011831* - Apache RocketMQ Command Injection Vulnerability (CVE-2023-33246)


Web Application Common
1011836* - Progress MOVEit Transfer SQL Injection Vulnerability (CVE-2023-36932) - 1


Web Application PHP Based
1011862 - WordPress 'Ultimate Member' Plugin Privilege Escalation Vulnerability (CVE-2023-3460)


Web Server HTTPS
1011823* - Contec CONPROSYS HMI System Cross-Site Scripting Vulnerability (CVE-2023-28651)


Web Server Miscellaneous
1011863 - Ivanti Avalanche Authentication Bypass Vulnerability (CVE-2023-32566)
1011825* - Jenkins 'File Parameter' Plugin Arbitrary File Write Vulnerability (CVE-2023-32986)
1011835* - XWiki Code Injection Vulnerability (CVE-2023-29524)
1011838* - XWiki Code Injection Vulnerability (CVE-2023-35150)
1011833* - XWiki Code Injection Vulnerability (CVE-2023-36469)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.