ruleUpdate
24-058 (17 décembre 2024)
Publish Date: 17 décembre 2024
Description
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1012050* - SolarWinds Access Rights Manager Remote Code Execution Vulnerability (CVE-2023-40057 & CVE-2024-28075)
Arcserve Unified Data Protection
1012077* - Arcserve Unified Data Protection Remote Code Execution Vulnerability (CVE-2023-26258)
Cleo
1012234 - Cleo Multiple Products Remote Code Execution Vulnerability (CVE-2024-50623)
DHCP Failover Protocol Server
1012136* - Microsoft Windows DHCP Server Denial of Service Vulnerability (CVE-2024-30070)
HP AutoPass License Server
1012228 - HPE AutoPass License Server Authentication Bypass Vulnerability (CVE-2024-51767)
Ivanti Endpoint Manager
1012149* - Ivanti Endpoint Manager Multiple SQL Injection Vulnerabilities - 1
1012211* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32839)
Web Application PHP Based
1012194 - WordPress 'WP Brutal AI' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2023-2606)
Web Server Apache
1012168* - Apache Httpd Server-Side Request Forgery Vulnerability (CVE-2024-38472)
Web Server HTTPS
1012105* - GitLab Regular Expression Denial Of Service Vulnerability (CVE-2024-2878)
1012094* - Progress WhatsUp Gold Server-Side Request Forgery Vulnerability (CVE-2024-5015)
1011902* - SolarWinds Access Rights Manager Insecure Deserialization Vulnerability (CVE-2023-35184 and CVE-2024-23478)
1012224 - WordPress 'Really Simple Security' Plugin Authentication Bypass Vulnerability (CVE-2024-10924)
1012221 - Zimbra Collaboration Reflected Cross-Site Scripting Vulnerability (CVE-2024-50599)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Advanced Message Queuing Protocol (AMQP)
1012050* - SolarWinds Access Rights Manager Remote Code Execution Vulnerability (CVE-2023-40057 & CVE-2024-28075)
Arcserve Unified Data Protection
1012077* - Arcserve Unified Data Protection Remote Code Execution Vulnerability (CVE-2023-26258)
Cleo
1012234 - Cleo Multiple Products Remote Code Execution Vulnerability (CVE-2024-50623)
DHCP Failover Protocol Server
1012136* - Microsoft Windows DHCP Server Denial of Service Vulnerability (CVE-2024-30070)
HP AutoPass License Server
1012228 - HPE AutoPass License Server Authentication Bypass Vulnerability (CVE-2024-51767)
Ivanti Endpoint Manager
1012149* - Ivanti Endpoint Manager Multiple SQL Injection Vulnerabilities - 1
1012211* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-32839)
Web Application PHP Based
1012194 - WordPress 'WP Brutal AI' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2023-2606)
Web Server Apache
1012168* - Apache Httpd Server-Side Request Forgery Vulnerability (CVE-2024-38472)
Web Server HTTPS
1012105* - GitLab Regular Expression Denial Of Service Vulnerability (CVE-2024-2878)
1012094* - Progress WhatsUp Gold Server-Side Request Forgery Vulnerability (CVE-2024-5015)
1011902* - SolarWinds Access Rights Manager Insecure Deserialization Vulnerability (CVE-2023-35184 and CVE-2024-23478)
1012224 - WordPress 'Really Simple Security' Plugin Authentication Bypass Vulnerability (CVE-2024-10924)
1012221 - Zimbra Collaboration Reflected Cross-Site Scripting Vulnerability (CVE-2024-50599)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.