Rule Update

24-033 (July 9, 2024)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Arcserve Unified Data Protection
1012019* - Arcserve Unified Data Protection Denial of Service Vulnerability (CVE-2024-0801)
1012012* - Arcserve Unified Data Protection Directory Traversal Vulnerability (CVE-2024-0800)


PaperCut
1012082 - PaperCut NG and MF Remote Code Execution Vulnerability (CVE-2024-1882)


Web Application PHP Based
1012015* - Joomla! CMS Cross-Site Scripting Vulnerability (CVE-2024-21726)
1012002* - WordPress 'Bricks Builder' Plugin Remote Code Execution Vulnerability (CVE-2024-25600)
1011528* - WordPress 'Simple File List' Plugin Directory Traversal Vulnerability (CVE-2022-1119)


Web Server HTTPS
1012087 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-29822)
1012088 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-29826)
1012084 - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-29830)


Web Server Miscellaneous
1012080 - Identified Restricted file upload with specific extension (multipart request)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.