ruleUpdate
21-017 (13 avril 2021)
Publish Date: 13 avril 2021
Description
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1010900 - Microsoft Windows SMB Information Disclosure Vulnerability (CVE-2021-28325)
HP Intelligent Management Center (IMC)
1010889 - Apache OFBiz Unsafe Deserialization Vulnerability (CVE-2021-26295)
Suspicious Client Ransomware Activity
1010732* - Identified FlawedGrace Checkin Request - Client
Suspicious Server Ransomware Activity
1010733* - Identified FlawedGrace Checkin Request - Server
Web Application PHP Based
1010886* - Batflat CMS Remote Code Execution Vulnerability (CVE-2020-35734)
Web Application Tomcat
1009697* - Apache Tomcat Remote Code Execution Vulnerability (CVE-2019-0232)
Web Client Common
1010806* - Identified Directory Traversal Attack In HTTP Response Headers
1010898 - Microsoft Windows Win32k Elevation Of Privilege Vulnerability (CVE-2021-28310)
Web Client Internet Explorer/Edge
1010888 - Microsoft Edge Memory Corruption Vulnerability (CVE-2017-11799)
1010896 - Microsoft Edge Memory Corruption Vulnerability (CVE-2017-8755)
Web Server Common
1010892 - B2evolution CMS Reflected Cross Site Scripting Vulnerability (CVE-2020-22839)
1010885 - CMS Made Simple Smarty Server-side Template Injection Vulnerability (CVE-2021-26120)
1010871* - Cisco Data Center Network Manager Arbitrary File Upload Vulnerability (CVE-2019-1620)
1010874 - Identified Cisco Data Center Network Manager Authentication Bypass Attempt
1010891 - Identified Cisco Data Center Network Manager Information Disclosure Vulnerability (CVE-2019-1622)
1010755* - SAP Solution Manager Remote Code Execution Vulnerability (CVE-2020-6207)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1002798* - Database Server - PostgreSQL
Deep Packet Inspection Rules:
DCERPC Services
1010900 - Microsoft Windows SMB Information Disclosure Vulnerability (CVE-2021-28325)
HP Intelligent Management Center (IMC)
1010889 - Apache OFBiz Unsafe Deserialization Vulnerability (CVE-2021-26295)
Suspicious Client Ransomware Activity
1010732* - Identified FlawedGrace Checkin Request - Client
Suspicious Server Ransomware Activity
1010733* - Identified FlawedGrace Checkin Request - Server
Web Application PHP Based
1010886* - Batflat CMS Remote Code Execution Vulnerability (CVE-2020-35734)
Web Application Tomcat
1009697* - Apache Tomcat Remote Code Execution Vulnerability (CVE-2019-0232)
Web Client Common
1010806* - Identified Directory Traversal Attack In HTTP Response Headers
1010898 - Microsoft Windows Win32k Elevation Of Privilege Vulnerability (CVE-2021-28310)
Web Client Internet Explorer/Edge
1010888 - Microsoft Edge Memory Corruption Vulnerability (CVE-2017-11799)
1010896 - Microsoft Edge Memory Corruption Vulnerability (CVE-2017-8755)
Web Server Common
1010892 - B2evolution CMS Reflected Cross Site Scripting Vulnerability (CVE-2020-22839)
1010885 - CMS Made Simple Smarty Server-side Template Injection Vulnerability (CVE-2021-26120)
1010871* - Cisco Data Center Network Manager Arbitrary File Upload Vulnerability (CVE-2019-1620)
1010874 - Identified Cisco Data Center Network Manager Authentication Bypass Attempt
1010891 - Identified Cisco Data Center Network Manager Information Disclosure Vulnerability (CVE-2019-1622)
1010755* - SAP Solution Manager Remote Code Execution Vulnerability (CVE-2020-6207)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1002798* - Database Server - PostgreSQL