Rule Update
23-025 (June 13, 2023)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
NFS Server
1011740* - Microsoft Windows Network File System Remote Code Execution Vulnerability (CVE-2023-24941)
Unix Samba
1011717* - Linux Kernel KSMBD Use After Free Vulnerability (CVE-2022-47939)
Web Application PHP Based
1011765 - Froxlor Unrestricted File Upload Vulnerability (CVE-2023-2034)
1011776 - WordPress 'Advanced Custom Fields' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2023-30777)
1011771 - WordPress 'Limit Login Attempts' Plugin Cross-Site Scripting Vulnerability (CVE-2023-1861)
1011775 - WordPress 'Paid Memberships Pro' Plugin SQL Injection Vulnerability (CVE-2023-0631)
1011777 - WordPress 'Shield Security' Plugin Cross-Site Scripting Vulnerability (CVE-2023-0992)
Web Client Common
1011779 - Adobe Acrobat And Reader Information Disclosure Vulnerability (CVE-2022-44519)
1011780 - Adobe Acrobat And Reader Remote Code Execution Vulnerability (CVE-2022-44520)
Web Server HTTPS
1011769 - Node.js HTTP Request Smuggling Vulnerability (CVE-2022-32215)
1011773 - Trend Micro Apex Central SQL Injection Vulnerability (CVE-2023-32529)
Web Server Miscellaneous
1011677* - Contec CONPROSYS HMI System Command Injection Vulnerability (CVE-2022-44456)
1011778 - Jenkins 'Sidebar Link' Plugin Directory Traversal Vulnerability (CVE-2023-32985)
Web Server Oracle
1011734 - Oracle WebLogic Server Fusion Middleware Deserialization Vulnerability (CVE-2023-21931)
Zoho ManageEngine
1011770 - Zoho ManageEngine ADManager Plus Command Injection Vulnerability (CVE-2023-29084)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
NFS Server
1011740* - Microsoft Windows Network File System Remote Code Execution Vulnerability (CVE-2023-24941)
Unix Samba
1011717* - Linux Kernel KSMBD Use After Free Vulnerability (CVE-2022-47939)
Web Application PHP Based
1011765 - Froxlor Unrestricted File Upload Vulnerability (CVE-2023-2034)
1011776 - WordPress 'Advanced Custom Fields' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2023-30777)
1011771 - WordPress 'Limit Login Attempts' Plugin Cross-Site Scripting Vulnerability (CVE-2023-1861)
1011775 - WordPress 'Paid Memberships Pro' Plugin SQL Injection Vulnerability (CVE-2023-0631)
1011777 - WordPress 'Shield Security' Plugin Cross-Site Scripting Vulnerability (CVE-2023-0992)
Web Client Common
1011779 - Adobe Acrobat And Reader Information Disclosure Vulnerability (CVE-2022-44519)
1011780 - Adobe Acrobat And Reader Remote Code Execution Vulnerability (CVE-2022-44520)
Web Server HTTPS
1011769 - Node.js HTTP Request Smuggling Vulnerability (CVE-2022-32215)
1011773 - Trend Micro Apex Central SQL Injection Vulnerability (CVE-2023-32529)
Web Server Miscellaneous
1011677* - Contec CONPROSYS HMI System Command Injection Vulnerability (CVE-2022-44456)
1011778 - Jenkins 'Sidebar Link' Plugin Directory Traversal Vulnerability (CVE-2023-32985)
Web Server Oracle
1011734 - Oracle WebLogic Server Fusion Middleware Deserialization Vulnerability (CVE-2023-21931)
Zoho ManageEngine
1011770 - Zoho ManageEngine ADManager Plus Command Injection Vulnerability (CVE-2023-29084)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.