Rule Update
23-023 (May 30, 2023)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1011704* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2022-47503)
DCERPC Services - Client
1011517* - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (DogWalk) Over SMB (CVE-2022-34713)
SNMP Server
1011647* - Net-SNMP NULL Pointer Dereference Vulnerability (CVE-2022-44792)
SolarWinds Orion Platform
1011762 - SolarWinds Network Performance Monitor Command Injection Vulnerability (CVE-2022-36963)
Web Application Common
1011718 - ThinkPHP SQL Injection Vulnerability (CVE-2021-44350)
Web Application PHP Based
1011754 - WordPress 'Duplicator' Plugin Information Disclosure Vulnerability (CVE-2022-2551)
Web Server Common
1011755 - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2022-48426)
1011752 - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2022-48428)
Web Server HTTPS
1011749 - rConfig 'ajaxCompareGetCmdDates.php' SQL Injection Vulnerability (CVE-2022-45030)
Web Server Miscellaneous
1011456* - Atlassian Confluence And Data Center Remote Code Execution Vulnerability (CVE-2022-26134)
1011759 - Ivanti Avalanche Arbitrary File Upload Vulnerability (CVE-2023-28128)
1011756 - XWiki Code Injection Vulnerability (CVE-2023-29525)
Zoho ManageEngine ServiceDesk Plus_MSP
1011751 - Zoho ManageEngine ServiceDesk Plus Cross-Site Scripting Vulnerability (CVE-2023-23074)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1011704* - SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (CVE-2022-47503)
DCERPC Services - Client
1011517* - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (DogWalk) Over SMB (CVE-2022-34713)
SNMP Server
1011647* - Net-SNMP NULL Pointer Dereference Vulnerability (CVE-2022-44792)
SolarWinds Orion Platform
1011762 - SolarWinds Network Performance Monitor Command Injection Vulnerability (CVE-2022-36963)
Web Application Common
1011718 - ThinkPHP SQL Injection Vulnerability (CVE-2021-44350)
Web Application PHP Based
1011754 - WordPress 'Duplicator' Plugin Information Disclosure Vulnerability (CVE-2022-2551)
Web Server Common
1011755 - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2022-48426)
1011752 - JetBrains TeamCity Cross-Site Scripting Vulnerability (CVE-2022-48428)
Web Server HTTPS
1011749 - rConfig 'ajaxCompareGetCmdDates.php' SQL Injection Vulnerability (CVE-2022-45030)
Web Server Miscellaneous
1011456* - Atlassian Confluence And Data Center Remote Code Execution Vulnerability (CVE-2022-26134)
1011759 - Ivanti Avalanche Arbitrary File Upload Vulnerability (CVE-2023-28128)
1011756 - XWiki Code Injection Vulnerability (CVE-2023-29525)
Zoho ManageEngine ServiceDesk Plus_MSP
1011751 - Zoho ManageEngine ServiceDesk Plus Cross-Site Scripting Vulnerability (CVE-2023-23074)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.