Rule Update
21-033 (July 20, 2021)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Pulsar Binary Protocol
1010998* - Apache Pulsar JSON Web Token Authentication Bypass Vulnerability Over Pulsar (CVE-2021-22160)
Web Application Common
1011047 - WordPress 'Modern Events Calendar' Plugin Remote Code Execution Vulnerability (CVE-2021-24145)
1011043 - WordPress 'XCloner' Plugin Remote Code Execution Vulnerability (CVE-2020-35948)
Web Client Common
1011048 - Google Chrome Heap Corruption Vulnerability (CVE-2021-21166)
1011049 - Google Chrome V8 Type Confusion Vulnerability (CVE-2021-30551)
Web Client Internet Explorer/Edge
1010133* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2020-0674)
Web Server HTTPS
1011041* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-34473)
Web Server Miscellaneous
1011035 - Jenkins 'Generic Webhook Trigger' Plugin External Entity Injection Vulnerability (CVE-2021-21669)
1011028* - Jenkins 'Scriptler' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21667)
Web Server Nagios
1011023* - Nagios XI 'Custom-includes' Module Directory Traversal Vulnerability (CVE-2021-3277)
1011022 - Nagios XI Account Email Address Stored Cross-Site Scripting Vulnerability
Web Server SharePoint
1011030* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-34467)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Pulsar Binary Protocol
1010998* - Apache Pulsar JSON Web Token Authentication Bypass Vulnerability Over Pulsar (CVE-2021-22160)
Web Application Common
1011047 - WordPress 'Modern Events Calendar' Plugin Remote Code Execution Vulnerability (CVE-2021-24145)
1011043 - WordPress 'XCloner' Plugin Remote Code Execution Vulnerability (CVE-2020-35948)
Web Client Common
1011048 - Google Chrome Heap Corruption Vulnerability (CVE-2021-21166)
1011049 - Google Chrome V8 Type Confusion Vulnerability (CVE-2021-30551)
Web Client Internet Explorer/Edge
1010133* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2020-0674)
Web Server HTTPS
1011041* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-34473)
Web Server Miscellaneous
1011035 - Jenkins 'Generic Webhook Trigger' Plugin External Entity Injection Vulnerability (CVE-2021-21669)
1011028* - Jenkins 'Scriptler' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-21667)
Web Server Nagios
1011023* - Nagios XI 'Custom-includes' Module Directory Traversal Vulnerability (CVE-2021-3277)
1011022 - Nagios XI Account Email Address Stored Cross-Site Scripting Vulnerability
Web Server SharePoint
1011030* - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-34467)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.