Rule Update
21-054 (December 7, 2021)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Application Common
1011171* - Apache HTTP Server Directory Traversal Vulnerability (CVE-2021-41773 and CVE-2021-42013)
Web Application PHP Based
1010488* - Identified WordPress Database Reset Attempt
1010818* - WordPress 'Code Snippets' Plugin Cross-Site Request Forgery Vulnerability (CVE-2020-8417)
1010712* - WordPress 'Contact Form 7' Plugin Arbitrary File Upload Vulnerability (CVE-2020-35489)
1011170* - WordPress 'Contact Form' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24276)
1011220* - WordPress 'Download Manager' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24773)
1010490* - WordPress 'File Manager' Plugin Remote Code Execution Vulnerability (CVE-2020-25213)
1010194* - WordPress 'GDPR Cookie Consent Plugin' Stored Cross-Site Scripting Vulnerability
1011060* - WordPress 'LearnPress' Plugin Blind SQL Injection Vulnerability (CVE-2020-6010)
1011209* - WordPress 'LearnPress' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-39348)
1011047* - WordPress 'Modern Events Calendar' Plugin Remote Code Execution Vulnerability (CVE-2021-24145)
1011015* - WordPress 'Poll, Survey, Questionnaire and Voting system' Plugin Blind SQL Injection Vulnerability
1011173* - WordPress 'Redirect 404 To Parent' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24286)
1011056* - WordPress 'SP Project & Document Manager' Plugin Remote Code Execution Vulnerability (CVE-2021-24347)
1011174* - WordPress 'Select All Categories and Taxonomies' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24287)
1011169* - WordPress 'Supsystic Popup' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24275)
1011168* - WordPress 'Supsystic Ultimate Maps' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24274)
1011172* - WordPress 'TranslatePress' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24610)
1011165* - WordPress 'Woo-Order-Export-Lite' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24169)
1011100* - WordPress 'WooCommerce Blocks' Plugin SQL Injection Vulnerability (CVE-2021-32789)
1011043* - WordPress 'XCloner' Plugin Remote Code Execution Vulnerability (CVE-2020-35948)
1010172* - WordPress InfiniteWP And Time Capsule Plugin Client Authentication Bypass Vulnerability (CVE-2020-8771)
1009751* - WordPress PayPal Checkout Payment Gateway Plugin Parameter Tampering Vulnerability (CVE-2019-7441)
1010122* - WordPress Plainview Activity Monitor Plugin Remote Code Execution Vulnerability (CVE-2018-15877)
1009487* - WordPress Total Donations Plugin Remote Administrative Access Vulnerability (CVE-2019-6703)
1010942* - WordPress XML External Entity Injection Vulnerability (CVE-2021-29447)
1010648* - Wordpress Woody Ad Snippets Plugin Remote Code Execution Vulnerability (CVE-2019-15858)
Web Application Ruby Based
1011231 - Grafana Cross Site Scripting Vulnerability (CVE-2021-41174)
Web Client Common
1011225 - Microsoft Project MPT File Parsing Out-Of-Bounds Read Vulnerability (ZDI-CAN-14518)
1011223 - Microsoft Teams amsVideo Cross Site Scripting Vulnerability (ZDI-CAN-13482)
Web Proxy Squid
1011213* - Squid Proxy Denial Of Service Vulnerability (CVE-2021-33620)
1011215* - Squid Proxy Denial of Service Vulnerability (CVE-2021-28662)
Web Server Apache
1011183* - Apache HTTP Server Server-Side Request Forgery Vulnerability (CVE-2021-40438)
Web Server Common
1011227 - Apache Druid Arbitrary File Read Vulnerability (CVE-2021-36749)
Web Server HTTPS
1011235 - Microsoft Exchange Server Reflected Cross-Site Scripting Vulnerability (CVE-2021-41349)
1011232 - Montala Limited ResourceSpace Arbitrary File Deletion Vulnerability (CVE-2021-41950)
Web Server Miscellaneous
1011177* - Atlassian Confluence Server Arbitrary File Read Vulnerability (CVE-2021-26085)
1011179* - Atlassian Jira Path Traversal Vulnerability (CVE-2021-26086)
Web Server SharePoint
1011233 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-40487)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1008670* - Microsoft Windows Security Events - 3
Deep Packet Inspection Rules:
Web Application Common
1011171* - Apache HTTP Server Directory Traversal Vulnerability (CVE-2021-41773 and CVE-2021-42013)
Web Application PHP Based
1010488* - Identified WordPress Database Reset Attempt
1010818* - WordPress 'Code Snippets' Plugin Cross-Site Request Forgery Vulnerability (CVE-2020-8417)
1010712* - WordPress 'Contact Form 7' Plugin Arbitrary File Upload Vulnerability (CVE-2020-35489)
1011170* - WordPress 'Contact Form' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24276)
1011220* - WordPress 'Download Manager' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24773)
1010490* - WordPress 'File Manager' Plugin Remote Code Execution Vulnerability (CVE-2020-25213)
1010194* - WordPress 'GDPR Cookie Consent Plugin' Stored Cross-Site Scripting Vulnerability
1011060* - WordPress 'LearnPress' Plugin Blind SQL Injection Vulnerability (CVE-2020-6010)
1011209* - WordPress 'LearnPress' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-39348)
1011047* - WordPress 'Modern Events Calendar' Plugin Remote Code Execution Vulnerability (CVE-2021-24145)
1011015* - WordPress 'Poll, Survey, Questionnaire and Voting system' Plugin Blind SQL Injection Vulnerability
1011173* - WordPress 'Redirect 404 To Parent' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24286)
1011056* - WordPress 'SP Project & Document Manager' Plugin Remote Code Execution Vulnerability (CVE-2021-24347)
1011174* - WordPress 'Select All Categories and Taxonomies' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24287)
1011169* - WordPress 'Supsystic Popup' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24275)
1011168* - WordPress 'Supsystic Ultimate Maps' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24274)
1011172* - WordPress 'TranslatePress' Plugin Cross-Site Scripting Vulnerability (CVE-2021-24610)
1011165* - WordPress 'Woo-Order-Export-Lite' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2021-24169)
1011100* - WordPress 'WooCommerce Blocks' Plugin SQL Injection Vulnerability (CVE-2021-32789)
1011043* - WordPress 'XCloner' Plugin Remote Code Execution Vulnerability (CVE-2020-35948)
1010172* - WordPress InfiniteWP And Time Capsule Plugin Client Authentication Bypass Vulnerability (CVE-2020-8771)
1009751* - WordPress PayPal Checkout Payment Gateway Plugin Parameter Tampering Vulnerability (CVE-2019-7441)
1010122* - WordPress Plainview Activity Monitor Plugin Remote Code Execution Vulnerability (CVE-2018-15877)
1009487* - WordPress Total Donations Plugin Remote Administrative Access Vulnerability (CVE-2019-6703)
1010942* - WordPress XML External Entity Injection Vulnerability (CVE-2021-29447)
1010648* - Wordpress Woody Ad Snippets Plugin Remote Code Execution Vulnerability (CVE-2019-15858)
Web Application Ruby Based
1011231 - Grafana Cross Site Scripting Vulnerability (CVE-2021-41174)
Web Client Common
1011225 - Microsoft Project MPT File Parsing Out-Of-Bounds Read Vulnerability (ZDI-CAN-14518)
1011223 - Microsoft Teams amsVideo Cross Site Scripting Vulnerability (ZDI-CAN-13482)
Web Proxy Squid
1011213* - Squid Proxy Denial Of Service Vulnerability (CVE-2021-33620)
1011215* - Squid Proxy Denial of Service Vulnerability (CVE-2021-28662)
Web Server Apache
1011183* - Apache HTTP Server Server-Side Request Forgery Vulnerability (CVE-2021-40438)
Web Server Common
1011227 - Apache Druid Arbitrary File Read Vulnerability (CVE-2021-36749)
Web Server HTTPS
1011235 - Microsoft Exchange Server Reflected Cross-Site Scripting Vulnerability (CVE-2021-41349)
1011232 - Montala Limited ResourceSpace Arbitrary File Deletion Vulnerability (CVE-2021-41950)
Web Server Miscellaneous
1011177* - Atlassian Confluence Server Arbitrary File Read Vulnerability (CVE-2021-26085)
1011179* - Atlassian Jira Path Traversal Vulnerability (CVE-2021-26086)
Web Server SharePoint
1011233 - Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-40487)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
1008670* - Microsoft Windows Security Events - 3