Rule Update
22-002 (January 11, 2022)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Linux Kernel TIPC
1011263 - Linux Kernel TIPC Heap Buffer Overflow Vulnerability (CVE-2021-43267)
SolarWinds Network Performance Monitor
1011230* - SolarWinds Patch Manager 'WSAsyncExecuteTasks' Deserialization Vulnerability (CVE-2021-35217)
Web Application Common
1011259* - Dolibarr ERP And CRM Command Injection Vulnerability (CVE-2021-33816)
1011258* - Dolibarr ERP And CRM Stored Cross-Site Scripting Vulnerability (CVE-2021-33618)
1011198* - Strapi Framework Remote Code Execution Vulnerability (CVE-2019-19609)
Web Application PHP Based
1011266 - WordPress 'All-In-One-Seo-Pack' Plugin Remote Code Execution Vulnerability (CVE-2021-24307)
1011252* - WordPress 'Catch Themes Demo Import' Plugin Remote Code Execution Vulnerability (CVE-2021-39352)
1011261 - WordPress 'DZS Zoomsounds' Plugin Directory Traversal Vulnerability (CVE-2021-39316)
1011264 - WordPress 'Popular Posts' Plugin Arbitrary File Upload Vulnerability (CVE-2021-42362)
1011013* - WordPress 'Stop Spammers' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24245)
1011169* - WordPress 'Supsystic Popup' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24275)
1011165* - WordPress 'Woo-Order-Export-Lite' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24169)
Web Application Ruby Based
1011243* - Grafana Path Traversal Vulnerability (CVE-2021-43798)
Web Client Common
1011032* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB21-51)
Web Server Common
1011245* - Apache APISIX 'uri-block' Plugin Path Traversal Vulnerability (CVE-2021-43557)
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
1011265 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-45046)
Web Server HTTPS
1011196* - ACME mini_httpd Server Arbitrary File Read Vulnerability (CVE-2018-18778)
Web Server Miscellaneous
1011256* - Jenkins 'Artifact Repository Parameter' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21622)
Web Server SharePoint
1011233* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-40487)
Windows SMB Server
1011251* - Microsoft Windows Active Directory Domain Services Elevation of Privilege Vulnerability Over SMB (CVE-2021-42278)
Zoho ManageEngine
1011248* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37539)
1011257* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37921)
1011255* - Zoho ManageEngine ServiceDesk Plus Authentication Bypass Vulnerability (CVE-2021-37415)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Linux Kernel TIPC
1011263 - Linux Kernel TIPC Heap Buffer Overflow Vulnerability (CVE-2021-43267)
SolarWinds Network Performance Monitor
1011230* - SolarWinds Patch Manager 'WSAsyncExecuteTasks' Deserialization Vulnerability (CVE-2021-35217)
Web Application Common
1011259* - Dolibarr ERP And CRM Command Injection Vulnerability (CVE-2021-33816)
1011258* - Dolibarr ERP And CRM Stored Cross-Site Scripting Vulnerability (CVE-2021-33618)
1011198* - Strapi Framework Remote Code Execution Vulnerability (CVE-2019-19609)
Web Application PHP Based
1011266 - WordPress 'All-In-One-Seo-Pack' Plugin Remote Code Execution Vulnerability (CVE-2021-24307)
1011252* - WordPress 'Catch Themes Demo Import' Plugin Remote Code Execution Vulnerability (CVE-2021-39352)
1011261 - WordPress 'DZS Zoomsounds' Plugin Directory Traversal Vulnerability (CVE-2021-39316)
1011264 - WordPress 'Popular Posts' Plugin Arbitrary File Upload Vulnerability (CVE-2021-42362)
1011013* - WordPress 'Stop Spammers' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24245)
1011169* - WordPress 'Supsystic Popup' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24275)
1011165* - WordPress 'Woo-Order-Export-Lite' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24169)
Web Application Ruby Based
1011243* - Grafana Path Traversal Vulnerability (CVE-2021-43798)
Web Client Common
1011032* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB21-51)
Web Server Common
1011245* - Apache APISIX 'uri-block' Plugin Path Traversal Vulnerability (CVE-2021-43557)
1011242* - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
1011265 - Apache Log4j Remote Code Execution Vulnerability (CVE-2021-45046)
Web Server HTTPS
1011196* - ACME mini_httpd Server Arbitrary File Read Vulnerability (CVE-2018-18778)
Web Server Miscellaneous
1011256* - Jenkins 'Artifact Repository Parameter' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21622)
Web Server SharePoint
1011233* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-40487)
Windows SMB Server
1011251* - Microsoft Windows Active Directory Domain Services Elevation of Privilege Vulnerability Over SMB (CVE-2021-42278)
Zoho ManageEngine
1011248* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37539)
1011257* - Zoho ManageEngine ADManager Plus Unrestricted File Upload Vulnerability (CVE-2021-37921)
1011255* - Zoho ManageEngine ServiceDesk Plus Authentication Bypass Vulnerability (CVE-2021-37415)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.