rule Update
20-011 (03 de marzo de 2020)
Publish date: 03 de marzo de 2020
Descripción
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Apache JServ Protocol
1010184 - Identified Apache JServ Protocol (AJP) Traffic
Oracle E-Business Suite Web Interface
1010160* - Oracle E-Business Suite Human Resources SQL Injection Vulnerability (CVE-2020-2586)
1010170* - Oracle E-Business Suite Human Resources SQL Injection Vulnerability (CVE-2020-2587)
Remote Desktop Protocol Over UDP
1010125* - Microsoft Windows RDP Gateway Server Remote Code Execution Vulnerabilities (CVE-2020-0609 and CVE-2020-0610)
SolarWinds Dameware Mini Remote Control
1010174 - SolarWinds DameWare Mini Remote Control Remote Code Execution Vulnerability (CVE-2019-3980)
Web Client Common
1010182 - Google Chrome Type Confusion Vulnerability (CVE-2020-6418)
1010180 - Microsoft Windows LNK Remote Code Execution Vulnerability (CVE-2020-0729)
Web Server Common
1010096* - Total.js CMS Widget JavaScript Code Injection Vulnerability (CVE-2019-15954)
1010172 - WordPress InfiniteWP And Time Capsule Plugin Client Authentication Bypass Vulnerability (CVE-2020-8771)
Web Server Oracle
1010168* - Oracle WebLogic Server Untrusted Data Deserialization Vulnerability (CVE-2020-2555)
1010171* - Oracle Weblogic Server Insecure Deserialization Vulnerability (CVE-2020-2551)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Apache JServ Protocol
1010184 - Identified Apache JServ Protocol (AJP) Traffic
Oracle E-Business Suite Web Interface
1010160* - Oracle E-Business Suite Human Resources SQL Injection Vulnerability (CVE-2020-2586)
1010170* - Oracle E-Business Suite Human Resources SQL Injection Vulnerability (CVE-2020-2587)
Remote Desktop Protocol Over UDP
1010125* - Microsoft Windows RDP Gateway Server Remote Code Execution Vulnerabilities (CVE-2020-0609 and CVE-2020-0610)
SolarWinds Dameware Mini Remote Control
1010174 - SolarWinds DameWare Mini Remote Control Remote Code Execution Vulnerability (CVE-2019-3980)
Web Client Common
1010182 - Google Chrome Type Confusion Vulnerability (CVE-2020-6418)
1010180 - Microsoft Windows LNK Remote Code Execution Vulnerability (CVE-2020-0729)
Web Server Common
1010096* - Total.js CMS Widget JavaScript Code Injection Vulnerability (CVE-2019-15954)
1010172 - WordPress InfiniteWP And Time Capsule Plugin Client Authentication Bypass Vulnerability (CVE-2020-8771)
Web Server Oracle
1010168* - Oracle WebLogic Server Untrusted Data Deserialization Vulnerability (CVE-2020-2555)
1010171* - Oracle Weblogic Server Insecure Deserialization Vulnerability (CVE-2020-2551)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.