Rule Update
21-046 (October 19, 2021)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Memcached
1011097 - Oracle MySQL Integer Underflow Vulnerability (CVE-2021-2389)
Microsoft Office
1011181 - Microsoft Office Visio Remote Code Execution Vulnerability (CVE-2021-40480)
1011182 - Microsoft Office Visio Remote Code Execution Vulnerability (CVE-2021-40481)
1011184 - Microsoft Word Remote Code Execution Vulnerability (CVE-2021-40486)
Web Application Common
1011173* - WordPress 'Redirect 404 To Parent' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24286)
1011174* - WordPress 'Select All Categories and Taxonomies' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24287)
Web Client Common
1011175 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB21-104) - 1
1011176 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2021-40730)
Web Server Apache
1011183 - Apache HTTP Server Server-Side Request Forgery Vulnerability (CVE-2021-40438)
Web Server HTTPS
1011172* - WordPress 'TranslatePress' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24610)
Web Server Miscellaneous
1011177 - Atlassian Confluence Server Arbitrary File Read Vulnerability (CVE-2021-26085)
1011179 - Atlassian Jira Path Traversal Vulnerability (CVE-2021-26086)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1002828* - Application - Secure Shell Daemon (SSHD)
1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)
1004057* - Microsoft Windows Security Events - 1
Deep Packet Inspection Rules:
Memcached
1011097 - Oracle MySQL Integer Underflow Vulnerability (CVE-2021-2389)
Microsoft Office
1011181 - Microsoft Office Visio Remote Code Execution Vulnerability (CVE-2021-40480)
1011182 - Microsoft Office Visio Remote Code Execution Vulnerability (CVE-2021-40481)
1011184 - Microsoft Word Remote Code Execution Vulnerability (CVE-2021-40486)
Web Application Common
1011173* - WordPress 'Redirect 404 To Parent' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24286)
1011174* - WordPress 'Select All Categories and Taxonomies' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24287)
Web Client Common
1011175 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB21-104) - 1
1011176 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2021-40730)
Web Server Apache
1011183 - Apache HTTP Server Server-Side Request Forgery Vulnerability (CVE-2021-40438)
Web Server HTTPS
1011172* - WordPress 'TranslatePress' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24610)
Web Server Miscellaneous
1011177 - Atlassian Confluence Server Arbitrary File Read Vulnerability (CVE-2021-26085)
1011179 - Atlassian Jira Path Traversal Vulnerability (CVE-2021-26086)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1002828* - Application - Secure Shell Daemon (SSHD)
1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)
1004057* - Microsoft Windows Security Events - 1